CVE-2019-16159 - Out-of-bounds Write vulnerability in multiple products

CVSS 7.5 - HIGH

  • Attack vector: NETWORK
  • Attack complexity: LOW
  • Privileges required: NONE
  • Confidentiality impact: NONE
  • Integrity impact: NONE
  • Availability impact: HIGH

Summary

BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdown communication with a sufficient message length causes a four-byte overflow to occur while processing the message, where two of the overflow bytes are attacker-controlled and two are fixed.

Common Weakness Enumeration (CWE)

  • CWE-787: Out-of-bounds Write

Nessus

  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2019-FF0F9CE167.NASL
    description: BIRD 2.0.6 (2019-09-10)
      - RAdv: Solicited unicast RAs
      - BGP: Optional Adj-RIB-Out
      - BGP: Extended optional parameters length
      - Filter: Sets and set expressions in path masks
      - Several important bugfixes
      Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 129660
    published: 2019-10-07
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/129660
    title: Fedora 31 : bird (2019-ff0f9ce167)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2019-B629E3B97F.NASL
    description: BIRD 1.6.8 (2019-09-10)
      - Several important bugfixes
      Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 129083
    published: 2019-09-20
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/129083
    title: Fedora 29 : bird (2019-b629e3b97f)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2019-ACE80F492E.NASL
    description: BIRD 2.0.6 (2019-09-10)
      - RAdv: Solicited unicast RAs
      - BGP: Optional Adj-RIB-Out
      - BGP: Extended optional parameters length
      - Filter: Sets and set expressions in path masks
      - Several important bugfixes
      Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 129082
    published: 2019-09-20
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/129082
    title: Fedora 30 : bird (2019-ace80f492e)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2019-2178.NASL
    description: This update for bird fixes the following issues :
      - CVE-2019-16159: Fixed a stack-based buffer overflow via administrative shutdown communication messages. (bnc#1150108)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 129344
    published: 2019-09-25
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/129344
    title: openSUSE Security Update : bird (openSUSE-2019-2178)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-4528.NASL
    description: Daniel McCarney discovered that the BIRD internet routing daemon incorrectly validated RFC 8203 messages in it
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 129074
    published: 2019-09-20
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/129074
    title: Debian DSA-4528-1 : bird - security update

References