Vulnerabilities > Quagga > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-07-24 CVE-2017-3224 Insufficient Verification of Data Authenticity vulnerability in multiple products
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber.
4.3
2018-02-19 CVE-2018-5381 Infinite Loop vulnerability in multiple products
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function.
network
low complexity
quagga canonical debian siemens CWE-835
5.0
2018-02-19 CVE-2018-5380 Out-of-bounds Read vulnerability in multiple products
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
network
low complexity
quagga debian canonical siemens CWE-125
4.0
2018-02-19 CVE-2018-5378 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid.
4.9
2017-10-29 CVE-2017-16227 Improper Input Validation vulnerability in multiple products
The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message.
network
low complexity
quagga debian CWE-20
5.0
2016-05-23 CVE-2016-4049 Improper Input Validation vulnerability in multiple products
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.
network
low complexity
quagga opensuse CWE-20
5.0
2012-04-05 CVE-2012-0255 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Quagga
The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability).
network
low complexity
quagga CWE-119
5.0
2011-03-29 CVE-2010-1675 Resource Management Errors vulnerability in Quagga
bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute.
network
low complexity
quagga CWE-399
5.0
2011-03-29 CVE-2010-1674 Denial Of Service vulnerability in Quagga BGP Daemon Null Pointer Deference
The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute.
network
low complexity
quagga
5.0
2009-05-06 CVE-2009-1572 Remote Denial Of Service vulnerability in Quagga Autonomous System Number
The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.
network
low complexity
quagga
5.0