Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2003-0795HistoryDec 15, 2003 - 5:00 a.m.
CVE-2003-0795
2003-12-1505:00:00
Debian Security Bug Tracker
security-tracker.debian.org
6
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.018 Low
EPSS
Percentile
88.1%
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | all | quagga | < 0.96.4x-4 | quagga_0.96.4x-4_all.deb |
Related
securityvulns
securityvulns
Quagga remote vulnerability
2003-11-15 00:00:00
[RHSA-2003:307-01] Updated zebra packages fix security vulnerabilities
2003-11-13 00:00:00
nvd
nvd
CVE-2003-0795
2003-12-15 05:00:00
cve
cve
CVE-2003-0795
2003-12-15 05:00:00
nessus
nessus
Quagga < 0.96.4 Zebra Denial of Service Vulnerability
2012-06-29 00:00:00
Debian DSA-415-1 : zebra - denial of service
2004-09-29 00:00:00
RHEL 2.1 : zebra (RHSA-2003:305)
2004-07-06 00:00:00
cvelist
cvelist
CVE-2003-0795
2003-11-18 05:00:00
openvas
openvas
Debian Security Advisory DSA 415-1 (zebra)
2008-01-17 00:00:00
Zebra and Quagga Remote DoS Vulnerability
2005-11-03 00:00:00
Debian Security Advisory DSA 415-1 (zebra)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 415-1] New zebra packages fix denial of service
2004-01-07 01:11:03
redhat
redhat
(RHSA-2003:305) zebra security update
2003-11-12 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.018 Low
EPSS
Percentile
88.1%
Related for DEBIANCVE:CVE-2003-0795