Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2007-1995

bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://bugzilla.quagga...
CONFIRM: http://bugzilla.quagga...
BID: 23417
SECUNIA: 24808
GENTOO: GLSA-200705-05
SUSE: SUSE-SR:2007:009
SECUNIA: 25084
SECUNIA: 25119
DEBIAN: DSA-1293
TRUSTIX: 2007-0017
UBUNTU: USN-461-1
SECUNIA: 25255
SECUNIA: 25312
SECUNIA: 25293
OPENPKG: OpenPKG-SA-2007.015
REDHAT: RHSA-2007:0389
SECUNIA: 25428
SECTRACK: 1018142
MANDRIVA: MDKSA-2007:096
SUNALERT: 236141
SECUNIA: 29743
VUPEN: ADV-2007-1336
VUPEN: ADV-2008-1195
CONFIRM: http://www.quagga.net/...
XF: quagga-bgpattributes-d...
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2007-1995

Related bugs

References