3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
0.006 Low
EPSS
Percentile
78.9%
bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 10 | all | quagga | < 0.99.9-1 | quagga_0.99.9-1_all.deb |