Download
| Alert*
oval:org.secpod.oval:def:1600840
Infinite loop issue triggered by invalid OPEN message allows denial-of-serviceAn infinite loop vulnerability was discovered in Quagga. A BGP peer could send specially crafted packets that would cause the daemon to enter an infinite loop, denying service and consuming CPU until it is restarted.Double ... oval:org.secpod.oval:def:89002283 This update for quagga fixes the following issues: - The Quagga BGP daemon contained a bug in the AS_PATH size calculation that could have been exploited to facilitate a remote denial-of-service attack via specially crafted BGP UPDATE messages. [CVE-2017-16227, bsc#1065641] - The Quagga BGP daemon d ... oval:org.secpod.oval:def:1000585 The remote host is missing a patch 126207-13 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:2102186 The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAFI ... oval:org.secpod.oval:def:89043661 This update for quagga fixes the security following issues: - The Quagga BGP daemon contained a bug in the AS_PATH size calculation that could have been exploited to facilitate a remote denial-of-service attack via specially crafted BGP UPDATE messages. [CVE-2017-16227, bsc#1065641] - The Quagga BGP ... oval:org.secpod.oval:def:1000459 The remote host is missing a patch 126206-13 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:114077 Quagga is free software that operates TCP/IP-based routing protocols. It takes a multi-server and multi-threaded approach to resolving the current complexity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS , OSPFv2, OSPFv3, RIPv1, RIPv2, RIPng, PIM-SSM and NHRP. Quagga is intended ... oval:org.secpod.oval:def:53253 Several vulnerabilities have been discovered in Quagga, a routing daemon. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-5378 It was discovered that the Quagga BGP daemon, bgpd, does not properly bounds check data sent with a NOTIFY to a peer, if an attrib ... oval:org.secpod.oval:def:44095 quagga: BGP/OSPF/RIP routing daemon Several security issues were fixed in Quagga. oval:org.secpod.oval:def:51995 quagga: BGP/OSPF/RIP routing daemon Several security issues were fixed in Quagga. oval:org.secpod.oval:def:114082 Quagga is free software that operates TCP/IP-based routing protocols. It takes a multi-server and multi-threaded approach to resolving the current complexity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS , OSPFv2, OSPFv3, RIPv1, RIPv2, RIPng, PIM-SSM and NHRP. Quagga is intended ... oval:org.secpod.oval:def:703986 quagga: BGP/OSPF/RIP routing daemon Several security issues were fixed in Quagga. oval:org.secpod.oval:def:603272 Several vulnerabilities have been discovered in Quagga, a routing daemon. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-5378 It was discovered that the Quagga BGP daemon, bgpd, does not properly bounds check data sent with a NOTIFY to a peer, if an attrib ... |