Executive Summary
Summary | |
---|---|
Title | quagga security update |
Informations | |||
---|---|---|---|
Name | RHSA-2012:1258 | First vendor Publication | 2012-09-12 |
Vendor | RedHat | Last vendor Modification | 2012-09-12 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated quagga packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol. The Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol. A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially-crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327) A NULL pointer dereference flaw was found in the way the bgpd daemon processed malformed route Extended Communities attributes. A configured BGP peer could crash bgpd on a target system via a specially-crafted BGP message. (CVE-2010-1674) A stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323) A flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324) A flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325) A flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326) An assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249) A buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250) Red Hat would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249 and CVE-2012-0250. CERT-FI acknowledges Riku Hietamäki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-332 |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2012-1258.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
57 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
43 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15155 | |||
Oval ID: | oval:org.mitre.oval:def:15155 | ||
Title: | DSA-2316-1 quagga -- several | ||
Description: | Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered several vulnerabilities in Quagga, an Internet routing daemon: CVE-2011-3323 A stack-based buffer overflow while decoding Link State Update packets with a malformed Inter Area Prefix LSA can cause the ospf6d process to crash or execute arbitrary code. CVE-2011-3324 The ospf6d process can crash while processing a Database Description packet with a crafted Link-State-Advertisement. CVE-2011-3325 The ospfd process can crash while processing a crafted Hello packet. CVE-2011-3326 The ospfd process crashes while processing Link-State-Advertisements of a type not known to Quagga. CVE-2011-3327 A heap-based buffer overflow while processing BGP UPDATE messages containing an Extended Communities path attribute can cause the bgpd process to crash or execute arbitrary code. The OSPF-related vulnerabilities require that potential attackers send packets to a vulnerable Quagga router; the packets are not distributed over OSPF. In contrast, the BGP UPDATE messages could be propagated by some routers. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2316-1 CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | quagga |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15222 | |||
Oval ID: | oval:org.mitre.oval:def:15222 | ||
Title: | USN-1261-1 -- Quagga vulnerabilities | ||
Description: | quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash or run programs if it received specially crafted network traffic. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1261-1 CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | Quagga |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21326 | |||
Oval ID: | oval:org.mitre.oval:def:21326 | ||
Title: | RHSA-2012:1258: quagga security update (Moderate) | ||
Description: | Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1258-00 CESA-2012:1258 CVE-2010-1674 CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 CVE-2012-0249 CVE-2012-0250 | Version: | 107 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | quagga |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23395 | |||
Oval ID: | oval:org.mitre.oval:def:23395 | ||
Title: | ELSA-2012:1258: quagga security update (Moderate) | ||
Description: | Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1258-00 CVE-2010-1674 CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 CVE-2012-0249 CVE-2012-0250 | Version: | 37 |
Platform(s): | Oracle Linux 5 | Product(s): | quagga |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27805 | |||
Oval ID: | oval:org.mitre.oval:def:27805 | ||
Title: | DEPRECATED: ELSA-2012-1258 -- quagga security update (moderate) | ||
Description: | [0.98.6-7.1] - fix CVE-2011-3323 - fix CVE-2011-3324 - fix CVE-2011-3325 - fix CVE-2011-3326 - fix CVE-2011-3327 - fix CVE-2012-0249 - fix CVE-2010-1674 [0.98.6-7] - Resolves: #638628 - CVE-2007-4826 CVE-2010-2948 quagga: various flaws [0.98.6-6] - Resolves: #528583 - Missing declarations cause zebra to segfault | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1258 CVE-2010-1674 CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 CVE-2012-0249 CVE-2012-0250 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | quagga |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-09-17 | Name : CentOS Update for quagga CESA-2012:1258 centos5 File : nvt/gb_CESA-2012_1258_quagga_centos5.nasl |
2012-09-17 | Name : CentOS Update for quagga CESA-2012:1259 centos6 File : nvt/gb_CESA-2012_1259_quagga_centos6.nasl |
2012-09-17 | Name : RedHat Update for quagga RHSA-2012:1258-01 File : nvt/gb_RHSA-2012_1258-01_quagga.nasl |
2012-09-17 | Name : RedHat Update for quagga RHSA-2012:1259-01 File : nvt/gb_RHSA-2012_1259-01_quagga.nasl |
2012-08-30 | Name : Fedora Update for quagga FEDORA-2012-5352 File : nvt/gb_fedora_2012_5352_quagga_fc17.nasl |
2012-06-22 | Name : Fedora Update for quagga FEDORA-2012-9117 File : nvt/gb_fedora_2012_9117_quagga_fc15.nasl |
2012-06-06 | Name : RedHat Update for quagga RHSA-2011:0406-01 File : nvt/gb_RHSA-2011_0406-01_quagga.nasl |
2012-05-17 | Name : Ubuntu Update for quagga USN-1441-1 File : nvt/gb_ubuntu_USN_1441_1.nasl |
2012-04-30 | Name : Debian Security Advisory DSA 2459-1 (quagga) File : nvt/deb_2459_1.nasl |
2012-04-30 | Name : FreeBSD Ports: quagga File : nvt/freebsd_quagga3.nasl |
2012-04-23 | Name : Fedora Update for quagga FEDORA-2012-5436 File : nvt/gb_fedora_2012_5436_quagga_fc15.nasl |
2012-04-23 | Name : Fedora Update for quagga FEDORA-2012-5411 File : nvt/gb_fedora_2012_5411_quagga_fc16.nasl |
2012-03-19 | Name : Fedora Update for quagga FEDORA-2011-13492 File : nvt/gb_fedora_2011_13492_quagga_fc16.nasl |
2012-03-12 | Name : Gentoo Security Advisory GLSA 201202-02 (Quagga) File : nvt/glsa_201202_02.nasl |
2011-11-18 | Name : Ubuntu Update for quagga USN-1261-1 File : nvt/gb_ubuntu_USN_1261_1.nasl |
2011-10-21 | Name : Fedora Update for quagga FEDORA-2011-13499 File : nvt/gb_fedora_2011_13499_quagga_fc14.nasl |
2011-10-21 | Name : Fedora Update for quagga FEDORA-2011-13504 File : nvt/gb_fedora_2011_13504_quagga_fc15.nasl |
2011-10-16 | Name : FreeBSD Ports: quagga File : nvt/freebsd_quagga2.nasl |
2011-10-16 | Name : Debian Security Advisory DSA 2316-1 (quagga) File : nvt/deb_2316_1.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2197-1 (quagga) File : nvt/deb_2197_1.nasl |
2011-05-12 | Name : FreeBSD Ports: quagga File : nvt/freebsd_quagga1.nasl |
2011-04-19 | Name : Fedora Update for quagga FEDORA-2011-3922 File : nvt/gb_fedora_2011_3922_quagga_fc14.nasl |
2011-04-19 | Name : Fedora Update for quagga FEDORA-2011-3916 File : nvt/gb_fedora_2011_3916_quagga_fc13.nasl |
2011-04-01 | Name : Ubuntu Update for quagga vulnerabilities USN-1095-1 File : nvt/gb_ubuntu_USN_1095_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
75732 | Quagga bgpd IPv4 AS_PATH UPDATE Message Parsing Overflow |
75731 | Quagga ospfd Link State Advertisement (LSA) Link State Update Message Parsing... |
75730 | Quagga ospfd Hello Message Parsing Remote IPv4 DoS |
75729 | Quagga ospf6d Database Description Message Parsing Remote IPv6 DoS |
75728 | Quagga ospf6d Linkstate Message Parsing Remote IPv6 DoS |
71259 | Quagga Extended Communities Attribute Handling NULL Dereference Remote DoS Quagga contains a flaw that may allow a remote denial of service. The issue is triggered when a NULL-pointer dereference error occurs, allowing a remote attacker to use crafted extended community attributes to crash the 'bgpd' daemon, resulting in a loss of availability. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_quagga_20120821.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_quagga_20120404.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_quagga-110331.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_quagga-111013.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_quagga-110401.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_quagga-111013.nasl - Type : ACT_GATHER_INFO |
2013-10-11 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201310-08.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-70.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1259.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1258.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0406.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_quagga-120430.nasl - Type : ACT_GATHER_INFO |
2012-09-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1259.nasl - Type : ACT_GATHER_INFO |
2012-09-14 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120912_quagga_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-09-14 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120912_quagga_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-09-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1259.nasl - Type : ACT_GATHER_INFO |
2012-09-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1258.nasl - Type : ACT_GATHER_INFO |
2012-09-13 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1258.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110331_quagga_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-06-29 | Name : The remote service may be affected by multiple vulnerabilities. File : quagga_0_99_17.nasl - Type : ACT_GATHER_INFO |
2012-06-29 | Name : The remote service may be affected by multiple denial of service vulnerabilit... File : quagga_0_99_18.nasl - Type : ACT_GATHER_INFO |
2012-06-29 | Name : The remote service may be affected by multiple vulnerabilities. File : quagga_0_99_19.nasl - Type : ACT_GATHER_INFO |
2012-06-29 | Name : The remote service may be affected by multiple vulnerabilities. File : quagga_0_99_20_1.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_quagga-8108.nasl - Type : ACT_GATHER_INFO |
2012-05-16 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1441-1.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2459.nasl - Type : ACT_GATHER_INFO |
2012-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5411.nasl - Type : ACT_GATHER_INFO |
2012-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5436.nasl - Type : ACT_GATHER_INFO |
2012-04-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5352.nasl - Type : ACT_GATHER_INFO |
2012-03-26 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_42a2c82a75b911e189b4001ec9578670.nasl - Type : ACT_GATHER_INFO |
2012-02-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201202-02.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_quagga-7768.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_quagga-110920.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_quagga-110921.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_quagga-7406.nasl - Type : ACT_GATHER_INFO |
2011-11-16 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1261-1.nasl - Type : ACT_GATHER_INFO |
2011-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_quagga-7767.nasl - Type : ACT_GATHER_INFO |
2011-10-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-13499.nasl - Type : ACT_GATHER_INFO |
2011-10-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-13504.nasl - Type : ACT_GATHER_INFO |
2011-10-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-13492.nasl - Type : ACT_GATHER_INFO |
2011-10-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2316.nasl - Type : ACT_GATHER_INFO |
2011-10-06 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_ab9be2c8ef9111e0ad5a00215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_quagga-110331.nasl - Type : ACT_GATHER_INFO |
2011-04-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-3990.nasl - Type : ACT_GATHER_INFO |
2011-04-12 | Name : The remote Fedora host is missing a security update. File : fedora_2011-3916.nasl - Type : ACT_GATHER_INFO |
2011-04-12 | Name : The remote Fedora host is missing a security update. File : fedora_2011-3922.nasl - Type : ACT_GATHER_INFO |
2011-04-04 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_b2a405075c8811e09e8500215af774f0.nasl - Type : ACT_GATHER_INFO |
2011-04-01 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_quagga-110224.nasl - Type : ACT_GATHER_INFO |
2011-04-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_quagga-7355.nasl - Type : ACT_GATHER_INFO |
2011-04-01 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12685.nasl - Type : ACT_GATHER_INFO |
2011-04-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0406.nasl - Type : ACT_GATHER_INFO |
2011-03-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1095-1.nasl - Type : ACT_GATHER_INFO |
2011-03-22 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2197.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:56:20 |
|