SB2011092802 - SUSE Linux update for quagga 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2011092802

SB2011092802 - SUSE Linux update for quagga

Published: September 28, 2011

Security Bulletin ID SB2011092802
Severity
Medium
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2011-3323)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length.


2) Resource management error (CVE-ID: CVE-2011-3324)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message.


3) Resource management error (CVE-ID: CVE-2011-3325)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet.


4) Resource management error (CVE-ID: CVE-2011-3326)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an IPv4 Link State Update message.


5) Buffer overflow (CVE-ID: CVE-2011-3327)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4.


Remediation

Install update from vendor's website.

References