Lucene search
GoogleOSV:DSA-3654-1HistoryAug 26, 2016 - 12:00 a.m.
quagga - security update
2016-08-2600:00:00
Google
osv.dev
9
0.026 Low
EPSS
Percentile
90.3%
Two vulnerabilities were discovered in quagga, a BGP/OSPF/RIP routing
daemon.
- CVE-2016-4036
TamĂĄs NĂŠmeth discovered that sensitive configuration files in
/etc/quagga were world-readable despite containing sensitive
information. - CVE-2016-4049
Evgeny Uskov discovered that a bgpd instance handling many peers
could be crashed by a malicious user when requesting a route dump.
For the stable distribution (jessie), these problems have been fixed in
version 0.99.23.1-1+deb8u2.
We recommend that you upgrade your quagga packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| quagga | eq | 0.99.23.1-1+deb8u1 | |
| quagga | eq | 0.99.23.1-1 |
References
Related
openvas
openvas
Debian Security Advisory DSA 3654-1 (quagga - security update)
2016-08-26 00:00:00
Debian: Security Advisory (DSA-3654-1)
2016-08-25 00:00:00
Debian: Security Advisory (DLA-601-1)
2023-03-08 00:00:00
osv
osv
quagga - security update
2016-08-27 00:00:00
debian
debian
[SECURITY] [DLA 601-1] quagga security update
2016-08-27 15:32:50
[SECURITY] [DSA 3654-1] quagga security update
2016-08-26 04:03:55
[SECURITY] [DSA 3654-1] quagga security update
2016-08-26 04:03:55
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : Quagga vulnerabilities (USN-3102-1)
2016-10-14 00:00:00
Debian DSA-3654-1 : quagga - security update
2016-08-26 00:00:00
Debian DLA-601-1 : quagga security update
2016-08-29 00:00:00
ubuntu
ubuntu
Quagga vulnerabilities
2016-10-13 00:00:00
debiancve
debiancve
CVE-2016-4036
2016-04-18 14:59:04
CVE-2016-4049
2016-05-23 19:59:07
cve
cve
CVE-2016-4036
2016-04-18 14:59:04
CVE-2016-4049
2016-05-23 19:59:07
redhatcve
redhatcve
CVE-2016-4036
2016-08-26 09:48:44
nvd
nvd
CVE-2016-4036
2016-04-18 14:59:04
CVE-2016-4049
2016-05-23 19:59:07
prion
prion
Directory traversal
2016-04-18 14:59:00
Design/Logic Flaw
2016-05-23 19:59:00
ubuntucve
ubuntucve
CVE-2016-4036
2016-04-18 00:00:00
CVE-2016-4049
2016-05-23 00:00:00
cvelist
cvelist
CVE-2016-4036
2016-04-18 14:00:00
CVE-2016-4049
2016-05-23 19:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:51:57
mageia
mageia
Updated quagga packages fix CVE-2016-4049
2016-05-05 19:26:44
gentoo
gentoo
Quagga: Multiple vulnerabilities
2017-01-21 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: quagga-0.99.24.1-3.fc23
2016-11-04 02:53:38
[SECURITY] Fedora 24 Update: quagga-0.99.24.1-4.fc24
2016-11-03 23:59:33
[SECURITY] Fedora 25 Update: quagga-0.99.24.1-4.fc25
2016-11-19 21:27:34
centos
centos
quagga security update
2017-03-24 15:42:29
redhat
redhat
(RHSA-2017:0794) Moderate: quagga security and bug fix update
2017-03-21 06:17:51
oraclelinux
oraclelinux
quagga security and bug fix update
2017-03-27 00:00:00