5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
Low
0.169 Low
EPSS
Percentile
96.1%
It was discovered that Quagga incorrectly parsed certain malformed extended
communities. A remote attacker could use this flaw to cause Quagga to
crash, resulting in a denial of service. (CVE-2010-1674)
It was discovered that Quagga resets BGP sessions when encountering
malformed AS_PATHLIMIT attributes. A remote attacker could use this flaw to
disrupt BGP sessions, resulting in a denial of service. This update removes
AS_PATHLIMIT support from Quagga. This issue only affected Ubuntu 8.04 LTS,
9.10, 10.04 LTS and 10.10. (CVE-2010-1675)