FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
167953a4-b01c-11df-9a98-0015587e2cc1quagga -- stack overflow and DoS vulnerabilities

The Red Hat security team reported two vulnerabilities:

A stack buffer overflow flaw was found in the way Quagga's bgpd daemon processed Route-Refresh messages. A configured Border Gateway Protocol (BGP) peer could send a Route-Refresh message with specially-crafted Outbound Route Filtering (ORF) record, which would cause the master BGP daemon (bgpd) to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd.

A NULL pointer dereference flaw was found in the way Quagga's bgpd daemon parsed paths of autonomous systems (AS). A configured BGP peer could send a BGP update AS path request with unknown AS type, which could lead to denial of service (bgpd daemon crash).


Discovery 2010-08-24
Entry 2010-08-25
quagga
< 0.99.17

http://www.openwall.com/lists/oss-security/2010/08/24/3
http://www.quagga.net/news2.php?y=2010&m=8&d=19#id1282241100
1e14d46f-af1f-11e1-b242-00215af774f0quagga -- BGP OPEN denial of service vulnerability

CERT reports:

If a pre-configured BGP peer sends a specially-crafted OPEN message with a malformed ORF capability TLV, Quagga bgpd process will erroneously try to consume extra bytes from the input packet buffer. The process will detect a buffer overrun attempt before it happens and immediately terminate with an error message. All BGP sessions established by the attacked router will be closed and its BGP routing disrupted.


Discovery 2012-06-04
Entry 2012-06-05
quagga
le 0.99.20.1

quagga-re
< 0.99.17.10

CVE-2012-1820
http://www.kb.cert.org/vuls/id/962587
2748fdde-3a3c-11de-bbc5-00e0815b8da8quagga -- Denial of Service

Debian Security Team reports:

It was discovered that Quagga, an IP routing daemon, could no longer process the Internet routing table due to broken handling of multiple 4-byte AS numbers in an AS path. If such a prefix is received, the BGP daemon crashes with an assert failure leading to a denial of service.


Discovery 2009-05-04
Entry 2009-05-06
Modified 2009-05-07
quagga
< 0.99.11_3

34656
http://lists.quagga.net/pipermail/quagga-dev/2009-April/006541.html
CVE-2009-1572
42a2c82a-75b9-11e1-89b4-001ec9578670quagga -- multiple vulnerabilities

CERT reports:

The ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon aborts due to an assert) with a malformed OSPF LS-Update message.

The ospfd implementation of OSPF in Quagga allows a remote attacker (on a local network segment with OSPF enabled) to cause a denial of service (daemon crash) with a malformed OSPF Network- LSA message.

The bgpd implementation of BGP in Quagga allows remote attackers to cause a denial of service (daemon aborts due to an assert) via BGP Open message with an invalid AS4 capability.


Discovery 2012-03-23
Entry 2012-03-24
Modified 2012-03-26
quagga
< 0.99.20.1

quagga-re
< 0.99.17.8

CVE-2012-0249
CVE-2012-0250
CVE-2012-0255
http://www.kb.cert.org/vuls/id/551715
70c44cd0-e717-11e5-85be-14dae9d210b8quagga -- stack based buffer overflow vulnerability

Donald Sharp reports:

A malicious BGP peer may execute arbitrary code in particularly configured remote bgpd hosts.


Discovery 2016-01-27
Entry 2016-03-10
quagga
< 1.0.20160309

https://www.kb.cert.org/vuls/id/270232
http://savannah.nongnu.org/forum/forum.php?forum_id=8476
CVE-2016-2342
ab9be2c8-ef91-11e0-ad5a-00215c6a37bbquagga -- multiple vulnerabilities

CERT-FI reports:

Five vulnerabilities have been found in the BGP, OSPF, and OSPFv3 components of Quagga. The vulnerabilities allow an attacker to cause a denial of service or potentially to execute his own code by sending a specially modified packets to an affected server. Routing messages are typically accepted from the routing peers. Exploiting these vulnerabilities may require an established routing session (BGP peering or OSPF/OSPFv3 adjacency) to the router.

The vulnerability CVE-2011-3327 is related to the extended communities handling in BGP messages. Receiving a malformed BGP update can result in a buffer overflow and disruption of IPv4 routing.

The vulnerability CVE-2011-3326 results from the handling of LSA (Link State Advertisement) states in the OSPF service. Receiving a modified Link State Update message with malicious state information can result in denial of service in IPv4 routing.

The vulnerability CVE-2011-3325 is a denial of service vulnerability related to Hello message handling by the OSPF service. As Hello messages are used to initiate adjacencies, exploiting the vulnerability may be feasible from the same broadcast domain without an established adjacency. A malformed packet may result in denial of service in IPv4 routing.

The vulnerabilities CVE-2011-3324 and CVE-2011-3323 are related to the IPv6 routing protocol (OSPFv3) implemented in ospf6d daemon. Receiving modified Database Description and Link State Update messages, respectively, can result in denial of service in IPv6 routing.


Discovery 2011-09-26
Entry 2011-10-05
quagga
< 0.99.19

CVE-2011-3323
CVE-2011-3324
CVE-2011-3325
CVE-2011-3326
CVE-2011-3327
b2a40507-5c88-11e0-9e85-00215af774f0quagga -- two DoS vulnerabilities

Quagga developers report:

Quagga 0.99.18 has been released. This release fixes 2 denial of services in bgpd, which can be remotely triggered by malformed AS-Pathlimit or Extended-Community attributes. These issues have been assigned CVE-2010-1674 and CVE-2010-1675. Support for AS-Pathlimit has been removed with this release.


Discovery 2010-04-30
Entry 2011-04-01
quagga
< 0.99.17_6

CVE-2010-1674
CVE-2010-1675
http://www.quagga.net/news2.php?y=2011&m=3&d=21#id1300723200
cad045c0-81a5-11d8-9645-0020ed76ef5azebra/quagga denial of service vulnerability

A remote attacker could cause zebra/quagga to crash by sending a malformed telnet command to their management port.


Discovery 2003-11-20
Entry 2004-03-29
zebra
< 0.93b_7

quagga
< 0.96.4

CVE-2003-0858
http://rhn.redhat.com/errata/RHSA-2003-305.html
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=107140
http://lists.quagga.net/pipermail/quagga-users/2003-November/000906.html
e15a22ce-f16f-446b-9ca7-6859350c2e75quagga -- several security issues

Quagga reports:

The Quagga BGP daemon, bgpd, does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or it may crash.

The Quagga BGP daemon, bgpd, can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes.

The Quagga BGP daemon, bgpd, can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.

The Quagga BGP daemon, bgpd, can enter an infinite loop if sent an invalid OPEN message by a configured peer.


Discovery 2018-01-31
Entry 2018-02-15
quagga
< 1.2.3

https://www.quagga.net/security/Quagga-2018-0543.txt
https://www.quagga.net/security/Quagga-2018-1114.txt
https://www.quagga.net/security/Quagga-2018-1550.txt
https://www.quagga.net/security/Quagga-2018-1975.txt
CVE-2018-5378
CVE-2018-5379
CVE-2018-5380
CVE-2018-5381