UbuntuUSN-1261-1Quagga vulnerabilities
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
10 High
AI Score
Confidence
High
0.303 Low
EPSS
Percentile
97.0%
Releases
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04
Packages
- quagga - BGP/OSPF/RIP routing daemon
Details
Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga
incorrectly handled Link State Update messages with invalid lengths. A
remote attacker could use this flaw to cause Quagga to crash, resulting in
a denial of service. (CVE-2011-3323)
Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga
incorrectly handled certain IPv6 Database Description messages. A remote
attacker could use this flaw to cause Quagga to crash, resulting in a
denial of service. (CVE-2011-3324)
Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga
incorrectly handled certain IPv4 packets. A remote attacker could use this
flaw to cause Quagga to crash, resulting in a denial of service.
(CVE-2011-3325)
Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga
incorrectly handled invalid Link State Advertisement (LSA) types. A remote
attacker could use this flaw to cause Quagga to crash, resulting in a
denial of service. (CVE-2011-3326)
Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga
incorrectly handled certain BGP UPDATE messages. A remote attacker could
use this flaw to cause Quagga to crash, or possibly execute arbitrary
code. (CVE-2011-3327)
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
10 High
AI Score
Confidence
High
0.303 Low
EPSS
Percentile
97.0%