|Category:||Denial of Service|
|Title:||Quagga Denial of Service Vulnerability|
|Summary:||Check for the version of Quagga|
Overview: This host is installed with Quagga for Linux and is prone to
Denial of Service Vulnerability.
This flaw is due to an assertion error in the BGP daemon while handling
an AS path containing multiple 4 byte AS numbers.
Successful exploitation will let the attacker crash the daemon by advertising
specially crafted AS paths and cause denial of service.
Impact level: Application
Quagga version 0.99.11 and prior
Apply the security update with the patch 0.99.10-1lenny2 for stable versions.
Apply the security update with the patch 0.99.11-2 for unstable versions.
NOTE: Please ignore the warning if patch has been already applied.
BugTraq ID: 34817|
Common Vulnerability Exposure (CVE) ID: CVE-2009-1572
Debian Security Information: DSA-1788 (Google Search)
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
XForce ISS Database: quagga-systemnumber-dos(50317)
|Copyright||Copyright (C) 2009 Greenbone Networks GmbH|
|This is only one of 54701 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.