Executive Summary

Summary
Title Quagga: Multiple vulnerabilities
Informations
Name GLSA-201310-08 First vendor Publication 2013-10-10
Vendor Gentoo Last vendor Modification 2013-10-10
Severity (Vendor) Normal Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities have been found in Quagga, the worst of which could lead to arbitrary code execution.

Background

Quagga is a free routing daemon replacing Zebra supporting RIP, OSPF and BGP.

Description

Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker may be able to cause arbitrary code execution or a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All Quagga users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/quagga-0.99.22.4"

References

[ 1 ] CVE-2012-0249 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0249
[ 2 ] CVE-2012-0250 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0250
[ 3 ] CVE-2012-0255 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0255
[ 4 ] CVE-2012-1820 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1820
[ 5 ] CVE-2013-2236 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2236

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201310-08.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201310-08.xml

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17967
 
Oval ID: oval:org.mitre.oval:def:17967
Title: USN-1441-1 -- quagga vulnerabilities
Description: Quagga could be made to crash if it received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-1441-1
CVE-2012-0249
CVE-2012-0250
CVE-2012-0255
Version: 7
Platform(s): Ubuntu 12.04
Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.04
Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18013
 
Oval ID: oval:org.mitre.oval:def:18013
Title: USN-1605-1 -- quagga vulnerability
Description: Quagga could be made to crash if it received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-1605-1
CVE-2012-1820
Version: 7
Platform(s): Ubuntu 12.04
Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.04
Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18294
 
Oval ID: oval:org.mitre.oval:def:18294
Title: DSA-2497-1 quagga - denial of service
Description: It was discovered that Quagga, a routing daemon, contains a vulnerability in processing the ORF capability in BGP OPEN messages. A malformed OPEN message from a previously configured BGP peer could cause bgpd to crash, causing a denial of service.
Family: unix Class: patch
Reference(s): DSA-2497-1
CVE-2012-1820
Version: 7
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18610
 
Oval ID: oval:org.mitre.oval:def:18610
Title: DSA-2459-2 quagga - regression
Description: Several vulnerabilities have been discovered in Quagga, a routing daemon.
Family: unix Class: patch
Reference(s): DSA-2459-2
CVE-2012-0249
CVE-2012-0250
CVE-2012-0255
Version: 7
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18647
 
Oval ID: oval:org.mitre.oval:def:18647
Title: DSA-2459-1 quagga - several
Description: Several vulnerabilities have been discovered in Quagga, a routing daemon.
Family: unix Class: patch
Reference(s): DSA-2459-1
CVE-2012-0249
CVE-2012-0250
CVE-2012-0255
Version: 7
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21278
 
Oval ID: oval:org.mitre.oval:def:21278
Title: RHSA-2012:1259: quagga security update (Moderate)
Description: The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.
Family: unix Class: patch
Reference(s): RHSA-2012:1259-01
CESA-2012:1259
CVE-2011-3323
CVE-2011-3324
CVE-2011-3325
CVE-2011-3326
CVE-2011-3327
CVE-2012-0249
CVE-2012-0250
CVE-2012-0255
CVE-2012-1820
Version: 120
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21326
 
Oval ID: oval:org.mitre.oval:def:21326
Title: RHSA-2012:1258: quagga security update (Moderate)
Description: Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.
Family: unix Class: patch
Reference(s): RHSA-2012:1258-00
CESA-2012:1258
CVE-2010-1674
CVE-2011-3323
CVE-2011-3324
CVE-2011-3325
CVE-2011-3326
CVE-2011-3327
CVE-2012-0249
CVE-2012-0250
Version: 107
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23395
 
Oval ID: oval:org.mitre.oval:def:23395
Title: ELSA-2012:1258: quagga security update (Moderate)
Description: Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.
Family: unix Class: patch
Reference(s): ELSA-2012:1258-00
CVE-2010-1674
CVE-2011-3323
CVE-2011-3324
CVE-2011-3325
CVE-2011-3326
CVE-2011-3327
CVE-2012-0249
CVE-2012-0250
Version: 37
Platform(s): Oracle Linux 5
Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23882
 
Oval ID: oval:org.mitre.oval:def:23882
Title: ELSA-2012:1259: quagga security update (Moderate)
Description: The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.
Family: unix Class: patch
Reference(s): ELSA-2012:1259-01
CVE-2011-3323
CVE-2011-3324
CVE-2011-3325
CVE-2011-3326
CVE-2011-3327
CVE-2012-0249
CVE-2012-0250
CVE-2012-0255
CVE-2012-1820
Version: 41
Platform(s): Oracle Linux 6
Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25784
 
Oval ID: oval:org.mitre.oval:def:25784
Title: SUSE-SU-2013:1470-1 -- Security update for quagga
Description: This update of quagga fixes two security issues: * CVE-2013-0149: specially-crafted OSPF packets could have caused the routing table to be erased (bnc#822572) * CVE-2013-2236: local network stack overflow (bnc#828117)
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1470-1
CVE-2013-0149
CVE-2013-2236
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27805
 
Oval ID: oval:org.mitre.oval:def:27805
Title: DEPRECATED: ELSA-2012-1258 -- quagga security update (moderate)
Description: [0.98.6-7.1] - fix CVE-2011-3323 - fix CVE-2011-3324 - fix CVE-2011-3325 - fix CVE-2011-3326 - fix CVE-2011-3327 - fix CVE-2012-0249 - fix CVE-2010-1674 [0.98.6-7] - Resolves: #638628 - CVE-2007-4826 CVE-2010-2948 quagga: various flaws [0.98.6-6] - Resolves: #528583 - Missing declarations cause zebra to segfault
Family: unix Class: patch
Reference(s): ELSA-2012-1258
CVE-2010-1674
CVE-2011-3323
CVE-2011-3324
CVE-2011-3325
CVE-2011-3326
CVE-2011-3327
CVE-2012-0249
CVE-2012-0250
Version: 4
Platform(s): Oracle Linux 5
Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27848
 
Oval ID: oval:org.mitre.oval:def:27848
Title: DEPRECATED: ELSA-2012-1259 -- quagga security update (moderate)
Description: [0.99.15-7.2] - improve fix for CVE-2011-3325 [0.99.15-7.1] - fix CVE-2011-3323 - fix CVE-2011-3324 - fix CVE-2011-3325 - fix CVE-2011-3326 - fix CVE-2011-3327 - fix CVE-2012-0255 - fix CVE-2012-0249 and CVE-2012-0250 - fix CVE-2012-1820 [0.99.15-7] - Resolves: #684751 - CVE-2010-1674 CVE-2010-1675 quagga various flaws [0.99.15-6] - Resolves: #644832 - CVE-2010-2948 CVE-2010-2949 quagga various flaws
Family: unix Class: patch
Reference(s): ELSA-2012-1259
CVE-2011-3323
CVE-2011-3324
CVE-2011-3325
CVE-2011-3326
CVE-2011-3327
CVE-2012-0249
CVE-2012-0250
CVE-2012-0255
CVE-2012-1820
Version: 4
Platform(s): Oracle Linux 6
Product(s): quagga
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 43

OpenVAS Exploits

Date Description
2012-10-12 Name : Ubuntu Update for quagga USN-1605-1
File : nvt/gb_ubuntu_USN_1605_1.nasl
2012-09-17 Name : CentOS Update for quagga CESA-2012:1258 centos5
File : nvt/gb_CESA-2012_1258_quagga_centos5.nasl
2012-09-17 Name : CentOS Update for quagga CESA-2012:1259 centos6
File : nvt/gb_CESA-2012_1259_quagga_centos6.nasl
2012-09-17 Name : RedHat Update for quagga RHSA-2012:1258-01
File : nvt/gb_RHSA-2012_1258-01_quagga.nasl
2012-09-17 Name : RedHat Update for quagga RHSA-2012:1259-01
File : nvt/gb_RHSA-2012_1259-01_quagga.nasl
2012-08-30 Name : Fedora Update for quagga FEDORA-2012-5352
File : nvt/gb_fedora_2012_5352_quagga_fc17.nasl
2012-08-30 Name : Fedora Update for quagga FEDORA-2012-9103
File : nvt/gb_fedora_2012_9103_quagga_fc17.nasl
2012-08-10 Name : Debian Security Advisory DSA 2497-1 (quagga)
File : nvt/deb_2497_1.nasl
2012-08-10 Name : FreeBSD Ports: quagga
File : nvt/freebsd_quagga4.nasl
2012-06-22 Name : Fedora Update for quagga FEDORA-2012-9116
File : nvt/gb_fedora_2012_9116_quagga_fc16.nasl
2012-06-22 Name : Fedora Update for quagga FEDORA-2012-9117
File : nvt/gb_fedora_2012_9117_quagga_fc15.nasl
2012-05-17 Name : Ubuntu Update for quagga USN-1441-1
File : nvt/gb_ubuntu_USN_1441_1.nasl
2012-04-30 Name : Debian Security Advisory DSA 2459-1 (quagga)
File : nvt/deb_2459_1.nasl
2012-04-30 Name : FreeBSD Ports: quagga
File : nvt/freebsd_quagga3.nasl
2012-04-23 Name : Fedora Update for quagga FEDORA-2012-5411
File : nvt/gb_fedora_2012_5411_quagga_fc16.nasl
2012-04-23 Name : Fedora Update for quagga FEDORA-2012-5436
File : nvt/gb_fedora_2012_5436_quagga_fc15.nasl

Nessus® Vulnerability Scanner

Date Description
2017-04-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170321_quagga_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2017-03-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-0794.nasl - Type : ACT_GATHER_INFO
2017-03-27 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-0794.nasl - Type : ACT_GATHER_INFO
2017-03-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0794.nasl - Type : ACT_GATHER_INFO
2016-03-25 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2941-1.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_quagga_20140721.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_quagga_20120821.nasl - Type : ACT_GATHER_INFO
2013-11-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2803.nasl - Type : ACT_GATHER_INFO
2013-11-05 Name : The remote service may be affected by a buffer overflow vulnerability.
File : quagga_0_99_22_2.nasl - Type : ACT_GATHER_INFO
2013-10-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-254.nasl - Type : ACT_GATHER_INFO
2013-10-11 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201310-08.nasl - Type : ACT_GATHER_INFO
2013-09-20 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_quagga-130822.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-90.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-70.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1258.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1259.nasl - Type : ACT_GATHER_INFO
2013-04-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-122.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_quagga-120430.nasl - Type : ACT_GATHER_INFO
2012-10-12 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1605-1.nasl - Type : ACT_GATHER_INFO
2012-09-14 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120912_quagga_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-09-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1259.nasl - Type : ACT_GATHER_INFO
2012-09-14 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120912_quagga_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-09-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1258.nasl - Type : ACT_GATHER_INFO
2012-09-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1259.nasl - Type : ACT_GATHER_INFO
2012-09-13 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1258.nasl - Type : ACT_GATHER_INFO
2012-06-29 Name : The remote service may be affected by multiple vulnerabilities.
File : quagga_0_99_20_1.nasl - Type : ACT_GATHER_INFO
2012-06-29 Name : The remote service may be affected by multiple vulnerabilities.
File : quagga_0_99_17.nasl - Type : ACT_GATHER_INFO
2012-06-29 Name : The remote service may be affected by a denial of service vulnerability.
File : quagga_0_99_21.nasl - Type : ACT_GATHER_INFO
2012-06-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2497.nasl - Type : ACT_GATHER_INFO
2012-06-20 Name : The remote Fedora host is missing a security update.
File : fedora_2012-9103.nasl - Type : ACT_GATHER_INFO
2012-06-20 Name : The remote Fedora host is missing a security update.
File : fedora_2012-9116.nasl - Type : ACT_GATHER_INFO
2012-06-20 Name : The remote Fedora host is missing a security update.
File : fedora_2012-9117.nasl - Type : ACT_GATHER_INFO
2012-06-07 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_quagga-8108.nasl - Type : ACT_GATHER_INFO
2012-06-06 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_1e14d46faf1f11e1b24200215af774f0.nasl - Type : ACT_GATHER_INFO
2012-05-16 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1441-1.nasl - Type : ACT_GATHER_INFO
2012-04-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2459.nasl - Type : ACT_GATHER_INFO
2012-04-23 Name : The remote Fedora host is missing a security update.
File : fedora_2012-5411.nasl - Type : ACT_GATHER_INFO
2012-04-23 Name : The remote Fedora host is missing a security update.
File : fedora_2012-5436.nasl - Type : ACT_GATHER_INFO
2012-04-20 Name : The remote Fedora host is missing a security update.
File : fedora_2012-5352.nasl - Type : ACT_GATHER_INFO
2012-03-26 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_42a2c82a75b911e189b4001ec9578670.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-02-17 11:37:49
  • Multiple Updates
2013-10-24 13:26:06
  • Multiple Updates
2013-10-10 17:19:41
  • First insertion