Lucene search

[email protected]NVD:CVE-2011-3325

HistoryOct 10, 2011 - 10:55 a.m.

CVE-2011-3325

2011-10-1010:55:06

CWE-399

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

Low

0.105 Low

EPSS

Percentile

95.0%

JSON

ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet.

Affected configurations

NVD

Node

quaggaquaggaRange≤0.99.18

quaggaquaggaMatch0.95

quaggaquaggaMatch0.96

quaggaquaggaMatch0.96.1

quaggaquaggaMatch0.96.2

quaggaquaggaMatch0.96.3

quaggaquaggaMatch0.96.4

quaggaquaggaMatch0.96.5

quaggaquaggaMatch0.97.0

quaggaquaggaMatch0.97.1

quaggaquaggaMatch0.97.2

quaggaquaggaMatch0.97.3

quaggaquaggaMatch0.97.4

quaggaquaggaMatch0.97.5

quaggaquaggaMatch0.98.0

quaggaquaggaMatch0.98.1

quaggaquaggaMatch0.98.2

quaggaquaggaMatch0.98.3

quaggaquaggaMatch0.98.4

quaggaquaggaMatch0.98.5

quaggaquaggaMatch0.98.6

quaggaquaggaMatch0.99.1

quaggaquaggaMatch0.99.2

quaggaquaggaMatch0.99.3

quaggaquaggaMatch0.99.4

quaggaquaggaMatch0.99.5

quaggaquaggaMatch0.99.6

quaggaquaggaMatch0.99.7

quaggaquaggaMatch0.99.8

quaggaquaggaMatch0.99.9

quaggaquaggaMatch0.99.10

quaggaquaggaMatch0.99.11

quaggaquaggaMatch0.99.12

quaggaquaggaMatch0.99.13

quaggaquaggaMatch0.99.14

quaggaquaggaMatch0.99.15

quaggaquaggaMatch0.99.16

quaggaquaggaMatch0.99.17

References

code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=61ab0301606053192f45c188bc48afc837518770

code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=717750433839762d23a5f8d88fe0b4d57c8d490a

lists.opensuse.org/opensuse-security-announce/2011-09/msg00027.html

lists.opensuse.org/opensuse-security-announce/2011-10/msg00007.html

lists.opensuse.org/opensuse-security-announce/2011-10/msg00010.html

lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html

rhn.redhat.com/errata/RHSA-2012-1258.html

rhn.redhat.com/errata/RHSA-2012-1259.html

secunia.com/advisories/46139

secunia.com/advisories/46274

secunia.com/advisories/48106

security.gentoo.org/glsa/glsa-201202-02.xml

www.debian.org/security/2011/dsa-2316

www.kb.cert.org/vuls/id/668534

www.quagga.net/download/quagga-0.99.19.changelog.txt

bugzilla.redhat.com/show_bug.cgi?id=738396

www.cert.fi/en/reports/2011/vulnerability539178.html

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

Low

0.105 Low

EPSS

Percentile

95.0%

JSON

Related for NVD:CVE-2011-3325

cve1 ubuntucve1 prion1 cvelist1 debiancve1 nessus23 suse4 openvas28 debian1 freebsd1 fedora5 cert1 securityvulns2 ubuntu1 osv1 veracode8 redhat2 centos2 gentoo1 oraclelinux3