Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2011:058 (quagga)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.69393

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2011:058 (quagga)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to quagga
announced via advisory MDVSA-2011:058.

Multiple vulnerabilities has been identified and fixed in quagga:

The extended-community parser in bgpd in Quagga before 0.99.18 allows
remote attackers to cause a denial of service (NULL pointer dereference
and application crash) via a malformed Extended Communities attribute
(CVE-2010-1674).

bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial
of service (session reset) via a malformed AS_PATHLIMIT path attribute
(CVE-2010-1675).

Updated packages are available that bring Quagga to version 0.99.18
which provides numerous bugfixes over the previous 0.99.17 version,
and also corrects these issues.

Affected: Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:058

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-1674
BugTraq ID: 46942
http://www.securityfocus.com/bid/46942
Debian Security Information: DSA-2197 (Google Search)
http://www.debian.org/security/2011/dsa-2197
http://security.gentoo.org/glsa/glsa-201202-02.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2011:058
http://www.osvdb.org/71259
RedHat Security Advisories: RHSA-2012:1258
http://rhn.redhat.com/errata/RHSA-2012-1258.html
http://secunia.com/advisories/43499
http://secunia.com/advisories/43770
http://secunia.com/advisories/48106
SuSE Security Announcement: SUSE-SR:2011:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
SuSE Security Announcement: SUSE-SU-2011:1316 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html
http://www.vupen.com/english/advisories/2011/0711
XForce ISS Database: quagga-community-dos(66211)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66211
Common Vulnerability Exposure (CVE) ID: CVE-2010-1675
BugTraq ID: 46943
http://www.securityfocus.com/bid/46943
http://www.osvdb.org/71258
XForce ISS Database: quagga-aspath-dos(66212)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66212

Copyright Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.69393
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2011:058 (quagga)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to quagga announced via advisory MDVSA-2011:058. Multiple vulnerabilities has been identified and fixed in quagga: The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute (CVE-2010-1674). bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute (CVE-2010-1675). Updated packages are available that bring Quagga to version 0.99.18 which provides numerous bugfixes over the previous 0.99.17 version, and also corrects these issues. Affected: Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:058 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1674 BugTraq ID: 46942 http://www.securityfocus.com/bid/46942 Debian Security Information: DSA-2197 (Google Search) http://www.debian.org/security/2011/dsa-2197 http://security.gentoo.org/glsa/glsa-201202-02.xml http://www.mandriva.com/security/advisories?name=MDVSA-2011:058 http://www.osvdb.org/71259 RedHat Security Advisories: RHSA-2012:1258 http://rhn.redhat.com/errata/RHSA-2012-1258.html http://secunia.com/advisories/43499 http://secunia.com/advisories/43770 http://secunia.com/advisories/48106 SuSE Security Announcement: SUSE-SR:2011:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html SuSE Security Announcement: SUSE-SU-2011:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html http://www.vupen.com/english/advisories/2011/0711 XForce ISS Database: quagga-community-dos(66211) https://exchange.xforce.ibmcloud.com/vulnerabilities/66211 Common Vulnerability Exposure (CVE) ID: CVE-2010-1675 BugTraq ID: 46943 http://www.securityfocus.com/bid/46943 http://www.osvdb.org/71258 XForce ISS Database: quagga-aspath-dos(66212) https://exchange.xforce.ibmcloud.com/vulnerabilities/66212
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com