 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.59802 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Core 7 FEDORA-2007-2196 (quagga) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to quagga announced via advisory FEDORA-2007-2196. Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit, it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. Update Information: This update should fix CVE-2007-4826 quagga bgpd DoS. For more info see rhbz#285691. ChangeLog: * Mon Sep 17 2007 Martin Bacovsky - 0.99.9-1 - upgrade to new upstream 0.99.9 - Resolves: #292841: CVE-2007-4826 quagga bgpd DoS * Tue Jul 3 2007 Martin Bacovsky - 0.99.7-1 - upgrade to new upstream 0.99.7 - resolves: #240488: CVE-2007-1995 Quagga bgpd DoS References: [ 1 ] CVE-2007-4826 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4826 Updated packages: 526c17085b5f49ec5e9bc2a5d4207e5bc04decf0 quagga-0.99.9-1.fc7.ppc64.rpm 99731ed848a567bdb06833551792cad6a9b82bf5 quagga-contrib-0.99.9-1.fc7.ppc64.rpm 5d37ff9ab76c7a2bf23138f2e58fc4179fd09b3f quagga-devel-0.99.9-1.fc7.ppc64.rpm a1f8eda8da8e97cad405a9b4c2bd8a8c68aa90e9 quagga-debuginfo-0.99.9-1.fc7.ppc64.rpm 8408ec91de38943841e81f1248636909618a0f42 quagga-contrib-0.99.9-1.fc7.i386.rpm 2eaf329428744b25d373edba90aaeaaf656ba289 quagga-0.99.9-1.fc7.i386.rpm 36ffd056ab90d5014eee1421248c3dacebe42135 quagga-devel-0.99.9-1.fc7.i386.rpm 2553506531144729a069a89c90afcc9c7a4945c9 quagga-debuginfo-0.99.9-1.fc7.i386.rpm 0de097d18b1d7507d8de393c66cfbadaad615cb6 quagga-devel-0.99.9-1.fc7.x86_64.rpm 5a8c86b8a1a152975f02cfc48c698a27ac406ad6 quagga-contrib-0.99.9-1.fc7.x86_64.rpm 61c3ab98484415d6a8255d9ff9e397ee9eda6df8 quagga-debuginfo-0.99.9-1.fc7.x86_64.rpm bf5fb02497c258d1c96ef66556a68ca85e109409 quagga-0.99.9-1.fc7.x86_64.rpm 8792bae6299a91229e6baa9e2f5cac7d22051890 quagga-devel-0.99.9-1.fc7.ppc.rpm 330231a6c88fcc7295aaec25fdeac2c19f9d2ec1 quagga-debuginfo-0.99.9-1.fc7.ppc.rpm 08802ad226c5c7b8da010bcd282463cd6e61f05a quagga-contrib-0.99.9-1.fc7.ppc.rpm 16b89f5fbeb22a98eefe2397baf5dd8e038ad2af quagga-0.99.9-1.fc7.ppc.rpm 762db1963ba8e085c7536193cf7fa78b21cf0c05 quagga-0.99.9-1.fc7.src.rpm This update can be installed with the yum update program. Use su -c 'yum update quagga' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. Solution: Apply the appropriate updates. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-2196 Risk factor : High CVSS Score: 6.3 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-4826 2007-0028 http://www.trustix.org/errata/2007/0028/ 236141 http://sunsolve.sun.com/search/document.do?assetkey=1-26-236141-1 25634 http://www.securityfocus.com/bid/25634 26744 http://secunia.com/advisories/26744 26829 http://secunia.com/advisories/26829 26863 http://secunia.com/advisories/26863 27049 http://secunia.com/advisories/27049 29743 http://secunia.com/advisories/29743 ADV-2007-3129 http://www.vupen.com/english/advisories/2007/3129 ADV-2008-1195 http://www.vupen.com/english/advisories/2008/1195/references DSA-1382 http://www.debian.org/security/2007/dsa-1382 FEDORA-2007-2196 http://fedoranews.org/updates/FEDORA-2007-219.shtml MDKSA-2007:182 http://www.mandriva.com/security/advisories?name=MDKSA-2007:182 RHSA-2010:0785 http://www.redhat.com/support/errata/RHSA-2010-0785.html USN-512-1 http://www.ubuntu.com/usn/usn-512-1 [debian-security-announce] 20071003 [SECURITY] [DSA 1379-1] New quagga packages fix denial of service http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00153.html http://quagga.net/news2.php?y=2007&m=9&d=7#id1189190760 http://www.quagga.net/download/quagga-0.99.9.changelog.txt quagga-bgpd-dos(36551) https://exchange.xforce.ibmcloud.com/vulnerabilities/36551 Common Vulnerability Exposure (CVE) ID: CVE-2007-1995 BugTraq ID: 23417 http://www.securityfocus.com/bid/23417 Debian Security Information: DSA-1293 (Google Search) http://www.debian.org/security/2007/dsa-1293 http://security.gentoo.org/glsa/glsa-200705-05.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:096 http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.015.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11048 http://www.redhat.com/support/errata/RHSA-2007-0389.html http://www.securitytracker.com/id?1018142 http://secunia.com/advisories/24808 http://secunia.com/advisories/25084 http://secunia.com/advisories/25119 http://secunia.com/advisories/25255 http://secunia.com/advisories/25293 http://secunia.com/advisories/25312 http://secunia.com/advisories/25428 SuSE Security Announcement: SUSE-SR:2007:009 (Google Search) http://www.novell.com/linux/security/advisories/2007_9_sr.html http://www.trustix.org/errata/2007/0017/ http://www.ubuntu.com/usn/usn-461-1 http://www.vupen.com/english/advisories/2007/1336 XForce ISS Database: quagga-bgpattributes-dos(33547) https://exchange.xforce.ibmcloud.com/vulnerabilities/33547 |
| Copyright | Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |