6.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:N/I:N/A:C
0.025 Low
EPSS
Percentile
90.2%
CentOS Errata and Security Advisory CESA-2007:0389
Quagga is a TCP/IP based routing software suite.
An out of bounds memory read flaw was discovered in Quagga’s bgpd. A
configured peer of bgpd could cause Quagga to crash, leading to a denial of
service (CVE-2007-1995).
All users of Quagga should upgrade to this updated package, which
contains a backported patch to correct these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-May/075987.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075988.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075989.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075990.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075991.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075992.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075994.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075996.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075999.html
https://lists.centos.org/pipermail/centos-announce/2007-May/076000.html
Affected packages:
quagga
quagga-contrib
quagga-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0389
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | x86_64 | quagga | < 0.98.3-2.4.0.1.el4 | quagga-0.98.3-2.4.0.1.el4.x86_64.rpm |
CentOS | 4 | x86_64 | quagga-contrib | < 0.98.3-2.4.0.1.el4 | quagga-contrib-0.98.3-2.4.0.1.el4.x86_64.rpm |
CentOS | 4 | x86_64 | quagga-devel | < 0.98.3-2.4.0.1.el4 | quagga-devel-0.98.3-2.4.0.1.el4.x86_64.rpm |
CentOS | 4 | i386 | quagga | < 0.98.3-2.4.0.1.el4 | quagga-0.98.3-2.4.0.1.el4.i386.rpm |
CentOS | 4 | i386 | quagga-contrib | < 0.98.3-2.4.0.1.el4 | quagga-contrib-0.98.3-2.4.0.1.el4.i386.rpm |
CentOS | 4 | i386 | quagga-devel | < 0.98.3-2.4.0.1.el4 | quagga-devel-0.98.3-2.4.0.1.el4.i386.rpm |
CentOS | 3 | i386 | quagga | < 0.96.2-12.3E | quagga-0.96.2-12.3E.i386.rpm |
CentOS | 3 | i386 | quagga-contrib | < 0.96.2-12.3E | quagga-contrib-0.96.2-12.3E.i386.rpm |
CentOS | 3 | i386 | quagga-devel | < 0.96.2-12.3E | quagga-devel-0.96.2-12.3E.i386.rpm |
CentOS | 3 | x86_64 | quagga | < 0.96.2-12.3E | quagga-0.96.2-12.3E.x86_64.rpm |