Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-2949

Опубликовано: 10 сент. 2010
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.

Комментарий

Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*
Версия до 0.99.16 (включая)
cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*

EPSS

Процентиль: 89%
0.04638
Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2010-2949

ubuntu
почти 15 лет назад

bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.

redhat логотип

CVE-2010-2949

redhat
почти 15 лет назад

bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.

debian логотип

CVE-2010-2949

debian
почти 15 лет назад

bgpd in Quagga before 0.99.17 does not properly parse AS paths, which ...

github логотип

GHSA-7rqc-qrpp-9vrr

github
около 3 лет назад

bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.

oracle-oval логотип

ELSA-2010-0945

oracle-oval
больше 14 лет назад

ELSA-2010-0945: quagga security update (MODERATE)

EPSS

Процентиль: 89%
0.04638
Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other