Lucene search

K

[email protected]NVD:CVE-2012-1820

HistoryJun 13, 2012 - 3:55 p.m.

CVE-2012-1820

2012-06-1315:55:01

[email protected]

web.nvd.nist.gov

2.9 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.8%

The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.

Affected configurations

NVD

Node

quaggaquaggaRange≤0.99.20.1

OR

quaggaquaggaMatch0.95

OR

quaggaquaggaMatch0.96

OR

quaggaquaggaMatch0.96.1

OR

quaggaquaggaMatch0.96.2

OR

quaggaquaggaMatch0.96.3

OR

quaggaquaggaMatch0.96.4

OR

quaggaquaggaMatch0.96.5

OR

quaggaquaggaMatch0.97.0

OR

quaggaquaggaMatch0.97.1

OR

quaggaquaggaMatch0.97.2

OR

quaggaquaggaMatch0.97.3

OR

quaggaquaggaMatch0.97.4

OR

quaggaquaggaMatch0.97.5

OR

quaggaquaggaMatch0.98.0

OR

quaggaquaggaMatch0.98.1

OR

quaggaquaggaMatch0.98.2

OR

quaggaquaggaMatch0.98.3

OR

quaggaquaggaMatch0.98.4

OR

quaggaquaggaMatch0.98.5

OR

quaggaquaggaMatch0.98.6

OR

quaggaquaggaMatch0.99.1

OR

quaggaquaggaMatch0.99.2

OR

quaggaquaggaMatch0.99.3

OR

quaggaquaggaMatch0.99.4

OR

quaggaquaggaMatch0.99.5

OR

quaggaquaggaMatch0.99.6

OR

quaggaquaggaMatch0.99.7

OR

quaggaquaggaMatch0.99.8

OR

quaggaquaggaMatch0.99.9

OR

quaggaquaggaMatch0.99.10

OR

quaggaquaggaMatch0.99.11

OR

quaggaquaggaMatch0.99.12

OR

quaggaquaggaMatch0.99.13

OR

quaggaquaggaMatch0.99.14

OR

quaggaquaggaMatch0.99.15

OR

quaggaquaggaMatch0.99.16

OR

quaggaquaggaMatch0.99.17

OR

quaggaquaggaMatch0.99.18

OR

quaggaquaggaMatch0.99.19

OR

quaggaquaggaMatch0.99.20

References

rhn.redhat.com/errata/RHSA-2012-1259.html

secunia.com/advisories/50941

www.debian.org/security/2012/dsa-2497

www.kb.cert.org/vuls/id/962587

www.securityfocus.com/bid/53775

www.ubuntu.com/usn/USN-1605-1

2.9 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.8%

Related for NVD:CVE-2012-1820

openvas20 ubuntu1 fedora3 debiancve1 prion1 nessus17 amazon1 cve1 freebsd1 cvelist1 cert1 debian1 ubuntucve1 gentoo1 veracode3 redhat1 centos1 securityvulns1 oraclelinux2