CVE-2007-1995 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-1995
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1995

Description: bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/33547 UBUNTU http://www.ubuntu.com/usn/usn-461-1 TRUSTIX http://www.trustix.org/errata/2007/0017/ SUSE http://www.novell.com/linux/security/advisories/2007_9_sr.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-236141-1 ST 1018142 SAID Secunia Advisory: SA24808 Secunia Advisory: SA25084 Secunia Advisory: SA25119 Secunia Advisory: SA25255 Secunia Advisory: SA25312 Secunia Advisory: SA25293 Secunia Advisory: SA25428 Secunia Advisory: SA29743 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0389.html OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.015.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:096 GENTOO http://security.gentoo.org/glsa/glsa-200705-05.xml DEBIAN http://www.debian.org/security/2007/dsa-1293 CONFIRM http://www.quagga.net/news2.php?y=2007&m=4&d=8#id1176073740 http://bugzilla.quagga.net/show_bug.cgi?id=355 http://bugzilla.quagga.net/show_bug.cgi?id=354 BID 23417

Return to the previous page.