Описание
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.
Отчет
Not vulnerable. This issue did not affect the versions of quagga package as shipped with Red Hat Enterprise Linux 3, 4, or 5, as these versions do not support 4 byte AS numbers (AS4 support) yet.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 3 | quagga | Not affected | ||
| Red Hat Enterprise Linux 4 | quagga | Not affected | ||
| Red Hat Enterprise Linux 5 | quagga | Not affected | ||
| Red Hat Enterprise Linux 6 | quagga | Fixed | RHSA-2010:0945 | 06.12.2010 |
Показывать по
Дополнительная информация
Статус:
EPSS
1.8 Low
CVSS2
Связанные уязвимости
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which ...
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.
EPSS
1.8 Low
CVSS2