 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.70412 |
| Categoría: | FreeBSD Local Security Checks |
| Título: | FreeBSD Ports: quagga |
| Resumen: | The remote host is missing an update to the system; as announced in the referenced advisory. |
| Descripción: | Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: quagga CVE-2011-3323 The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length. CVE-2011-3324 The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message. CVE-2011-3325 ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet. CVE-2011-3326 The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an IPv4 Link State Update message. CVE-2011-3327 Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-3323 CERT/CC vulnerability note: VU#668534 http://www.kb.cert.org/vuls/id/668534 Debian Security Information: DSA-2316 (Google Search) http://www.debian.org/security/2011/dsa-2316 http://security.gentoo.org/glsa/glsa-201202-02.xml https://www.cert.fi/en/reports/2011/vulnerability539178.html RedHat Security Advisories: RHSA-2012:1258 http://rhn.redhat.com/errata/RHSA-2012-1258.html RedHat Security Advisories: RHSA-2012:1259 http://rhn.redhat.com/errata/RHSA-2012-1259.html http://secunia.com/advisories/46139 http://secunia.com/advisories/46274 http://secunia.com/advisories/48106 SuSE Security Announcement: SUSE-SU-2011:1075 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00027.html SuSE Security Announcement: SUSE-SU-2011:1171 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00010.html SuSE Security Announcement: SUSE-SU-2011:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html SuSE Security Announcement: openSUSE-SU-2011:1155 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00007.html Common Vulnerability Exposure (CVE) ID: CVE-2011-3324 Common Vulnerability Exposure (CVE) ID: CVE-2011-3325 Common Vulnerability Exposure (CVE) ID: CVE-2011-3326 Common Vulnerability Exposure (CVE) ID: CVE-2011-3327 |
| Copyright | Copyright (C) 2011 E-Soft Inc. |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |