Executive Summary

Informations
Name CVE-2007-1995 First vendor Publication 2007-04-12
Vendor Cve Last vendor Modification 2017-10-11

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:N/I:N/A:C)
Cvss Base Score 6.3 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Medium
Cvss Expoit Score 6.8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11048
 
Oval ID: oval:org.mitre.oval:def:11048
Title: bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.
Description: bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.
Family: unix Class: vulnerability
Reference(s): CVE-2007-1995
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20362
 
Oval ID: oval:org.mitre.oval:def:20362
Title: DSA-1293-1 quagga
Description: Paul Jakma discovered that specially crafted UPDATE messages can trigger an out of boundary read that can result in a system crash of quagga, the BGP/OSPF/RIP routing daemon.
Family: unix Class: patch
Reference(s): DSA-1293-1
CVE-2007-1995
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): quagga
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22441
 
Oval ID: oval:org.mitre.oval:def:22441
Title: ELSA-2007:0389: quagga security update (Moderate)
Description: bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.
Family: unix Class: patch
Reference(s): ELSA-2007:0389-02
CVE-2007-1995
 Version: 6
Platform(s): Oracle Linux 5
 Product(s): quagga
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 21

OpenVAS Exploits

Date Description
2009-10-10 Name : SLES9: Security update for quagga
File : nvt/sles9p5014412.nasl
2009-03-23 Name : Ubuntu Update for quagga vulnerability USN-461-1
File : nvt/gb_ubuntu_USN_461_1.nasl
2009-02-27 Name : Fedora Update for quagga FEDORA-2007-0838
File : nvt/gb_fedora_2007_0838_quagga_fc7.nasl
2009-02-27 Name : Fedora Update for quagga FEDORA-2007-2196
File : nvt/gb_fedora_2007_2196_quagga_fc7.nasl
2009-02-27 Name : Fedora Update for quagga FEDORA-2007-525
File : nvt/gb_fedora_2007_525_quagga_fc6.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200705-05 (quagga)
File : nvt/glsa_200705_05.nasl
2008-01-17 Name : Debian Security Advisory DSA 1293-1 (quagga)
File : nvt/deb_1293_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
34812 Quagga bgpd/bgp_attr.c Crafted UPDATE Message DoS

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0389.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20070530_quagga_on_SL5_x__SL4_x__SL3_x.nasl - Type : ACT_GATHER_INFO
2012-06-29 Name : The remote service may be affected by a denial of service vulnerability.
File : quagga_0_99_7.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_quagga-3230.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-461-1.nasl - Type : ACT_GATHER_INFO
2007-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2007-0838.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_quagga-3233.nasl - Type : ACT_GATHER_INFO
2007-06-07 Name : The remote Fedora Core host is missing a security update.
File : fedora_2007-525.nasl - Type : ACT_GATHER_INFO
2007-06-01 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0389.nasl - Type : ACT_GATHER_INFO
2007-06-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0389.nasl - Type : ACT_GATHER_INFO
2007-05-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1293.nasl - Type : ACT_GATHER_INFO
2007-05-03 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200705-05.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/23417
CONFIRM http://bugzilla.quagga.net/show_bug.cgi?id=354
http://bugzilla.quagga.net/show_bug.cgi?id=355
http://www.quagga.net/news2.php?y=2007&m=4&d=8#id1176073740
DEBIAN http://www.debian.org/security/2007/dsa-1293
GENTOO http://security.gentoo.org/glsa/glsa-200705-05.xml
MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:096
OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.015.html
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT http://www.redhat.com/support/errata/RHSA-2007-0389.html
SECTRACK http://www.securitytracker.com/id?1018142
SECUNIA http://secunia.com/advisories/24808
http://secunia.com/advisories/25084
http://secunia.com/advisories/25119
http://secunia.com/advisories/25255
http://secunia.com/advisories/25293
http://secunia.com/advisories/25312
http://secunia.com/advisories/25428
http://secunia.com/advisories/29743
SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-236141-1
SUSE http://www.novell.com/linux/security/advisories/2007_9_sr.html
TRUSTIX http://www.trustix.org/errata/2007/0017/
UBUNTU http://www.ubuntu.com/usn/usn-461-1
VUPEN http://www.vupen.com/english/advisories/2007/1336
http://www.vupen.com/english/advisories/2008/1195/references
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/33547

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
Date Informations
2021-05-05 01:03:29
  • Multiple Updates
2021-05-04 12:05:37
  • Multiple Updates
2021-04-22 01:06:12
  • Multiple Updates
2020-05-23 01:38:04
  • Multiple Updates
2020-05-23 00:19:34
  • Multiple Updates
2017-10-11 09:23:55
  • Multiple Updates
2017-07-29 12:02:09
  • Multiple Updates
2016-06-28 16:22:23
  • Multiple Updates
2016-04-26 15:59:18
  • Multiple Updates
2014-02-17 10:39:48
  • Multiple Updates
2013-05-11 10:23:00
  • Multiple Updates