Vulnerabilities > Quagga > High

DATE CVE VULNERABILITY TITLE RISK
2021-11-19 CVE-2021-44038 Link Following vulnerability in Quagga
An issue was discovered in Quagga through 1.2.4.
local
low complexity
quagga CWE-59
7.8
2018-07-24 CVE-2017-3224 Insufficient Verification of Data Authenticity vulnerability in multiple products
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber.
high complexity
quagga suse redhat CWE-345
8.2
2018-02-19 CVE-2018-5381 Infinite Loop vulnerability in multiple products
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function.
network
low complexity
quagga canonical debian siemens CWE-835
7.5
2017-10-29 CVE-2017-16227 Improper Input Validation vulnerability in multiple products
The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message.
network
low complexity
quagga debian CWE-20
7.5
2017-01-24 CVE-2017-5495 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Quagga
All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host.
network
low complexity
quagga CWE-119
7.5
2016-05-23 CVE-2016-4049 Improper Input Validation vulnerability in multiple products
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.
network
low complexity
quagga opensuse CWE-20
7.5
2016-03-17 CVE-2016-2342 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted packet.
network
high complexity
quagga debian CWE-119
8.1