Download
| Alert*
oval:org.secpod.oval:def:601157
Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP routing daemon: CVE-2013-2236 A buffer overflow was found in the OSPF API-server . CVE-2013-6051 bgpd could be crashed through BGP updates. This only affects Wheezy/stable. oval:org.secpod.oval:def:1600143 The bgp_attr_unknown function in bgp_attr.c in Quagga 0.99.21 does not properly initialize the total variable, which allows remote attackers to cause a denial of service via a crafted BGP update. oval:org.secpod.oval:def:106218 Quagga is free software that operates TCP/IP-based routing protocols. It takes a multi-server and multi-threaded approach to resolving the current complexity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS , OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as ... |