Vulnerabilities > Quagga > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-24 | CVE-2017-3224 | Insufficient Verification of Data Authenticity vulnerability in multiple products Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. | 4.3 |
| 2018-02-19 | CVE-2018-5381 | Infinite Loop vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. | 5.0 |
| 2018-02-19 | CVE-2018-5380 | Out-of-bounds Read vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input. | 4.0 |
| 2018-02-19 | CVE-2018-5378 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. | 4.9 |
| 2017-10-29 | CVE-2017-16227 | Improper Input Validation vulnerability in multiple products The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message. | 5.0 |
| 2016-05-23 | CVE-2016-4049 | Improper Input Validation vulnerability in multiple products The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet. | 5.0 |
| 2012-04-05 | CVE-2012-0255 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Quagga The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability). | 5.0 |
| 2011-03-29 | CVE-2010-1675 | Resource Management Errors vulnerability in Quagga bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute. | 5.0 |
| 2011-03-29 | CVE-2010-1674 | Denial Of Service vulnerability in Quagga BGP Daemon Null Pointer Deference The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute. | 5.0 |
| 2009-05-06 | CVE-2009-1572 | Remote Denial Of Service vulnerability in Quagga Autonomous System Number The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error. | 5.0 |