|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 415-1 (zebra)|
|Summary:||Debian Security Advisory DSA 415-1 (zebra)|
|Description:||The remote host is missing an update to zebra|
announced via advisory DSA 415-1.
Two vulnerabilities were discovered in zebra, an IP routing daemon:
CVE-2003-0795 - a bug in the telnet CLI could allow a remote attacker
to cause a zebra process to crash, resulting in a denial of service.
CVE-2003-0858 - netlink messages sent by other users (rather than the
kernel) would be accepted, leading to a denial of service.
For the current stable distribution (woody) this problem has been
fixed in version 0.92a-5woody2.
The zebra package has been obsoleted in the unstable distribution by
GNU Quagga, where this problem was fixed in version 0.96.4x-4.
We recommend that you update your zebra package.
Common Vulnerability Exposure (CVE) ID: CVE-2003-0795|
Bugtraq: 20031114 Quagga remote vulnerability (Google Search)
Debian Security Information: DSA-415 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2003-0858
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.