Vulnerabilities > Quagga > Quagga > 0.99.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-04-05 | CVE-2012-0250 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Quagga Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. | 3.3 |
| 2012-04-05 | CVE-2012-0249 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Quagga Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header. | 3.3 |
| 2011-03-29 | CVE-2010-1675 | Resource Management Errors vulnerability in Quagga bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute. | 5.0 |
| 2011-03-29 | CVE-2010-1674 | Denial Of Service vulnerability in Quagga BGP Daemon Null Pointer Deference The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute. | 5.0 |
| 2009-05-06 | CVE-2009-1572 | Remote Denial Of Service vulnerability in Quagga Autonomous System Number The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error. | 5.0 |