Action not permitted
Modal body text goes here.
cve-2010-2949
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:55:45.507Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2010-2304", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2304" }, { "name": "42498", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42498" }, { "name": "[oss-security] 20100824 CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2010/08/24/3" }, { "name": "41238", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41238" }, { "name": "SUSE-SR:2010:022", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "name": "42642", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/42642" }, { "name": "41038", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41038" }, { "name": "GLSA-201202-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml" }, { "name": "42397", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42397" }, { "name": "DSA-2104", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2104" }, { "name": "USN-1027-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1027-1" }, { "name": "42446", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42446" }, { "name": "SUSE-SU-2011:1316", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=cddb8112b80fa9867156c637d63e6e79eeac67bb" }, { "name": "MDVSA-2010:174", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:174" }, { "name": "48106", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48106" }, { "name": "ADV-2010-3097", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "name": "[oss-security] 20100825 Re: CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2010/08/25/4" }, { "name": "RHSA-2010:0945", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0945.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.quagga.net/news2.php?y=2010\u0026m=8\u0026d=19" }, { "name": "ADV-2010-3124", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3124" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=626795" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-08-24T00:00:00", "descriptions": [ { "lang": "en", "value": "bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-05T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "ADV-2010-2304", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2304" }, { "name": "42498", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42498" }, { "name": "[oss-security] 20100824 CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2010/08/24/3" }, { "name": "41238", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41238" }, { "name": "SUSE-SR:2010:022", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "name": "42642", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/42642" }, { "name": "41038", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41038" }, { "name": "GLSA-201202-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml" }, { "name": "42397", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42397" }, { "name": "DSA-2104", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2104" }, { "name": "USN-1027-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1027-1" }, { "name": "42446", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42446" }, { "name": "SUSE-SU-2011:1316", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=cddb8112b80fa9867156c637d63e6e79eeac67bb" }, { "name": "MDVSA-2010:174", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:174" }, { "name": "48106", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48106" }, { "name": "ADV-2010-3097", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "name": "[oss-security] 20100825 Re: CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2010/08/25/4" }, { "name": "RHSA-2010:0945", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0945.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.quagga.net/news2.php?y=2010\u0026m=8\u0026d=19" }, { "name": "ADV-2010-3124", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3124" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=626795" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2949", "datePublished": "2010-09-10T18:00:00", "dateReserved": "2010-08-04T00:00:00", "dateUpdated": "2024-08-07T02:55:45.507Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2010-2949\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2010-09-10T19:00:02.597\",\"lastModified\":\"2023-02-13T04:21:24.037\",\"vulnStatus\":\"Modified\",\"evaluatorComment\":\"Per: http://cwe.mitre.org/data/definitions/476.html\\r\\n\u0027CWE-476: NULL Pointer Dereference\u0027\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.\"},{\"lang\":\"es\",\"value\":\"bgpd en Quagga anteriores a v0.99.17 no realiza el an\u00e1lisis sint\u00e1ctico las rutas AS, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desreferencia de puntero NULL y ca\u00edda del demonio) a trav\u00e9s de un tipo AS desconocido en un atributo AS en un mensaje BGP UPDATE. \\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.99.16\",\"matchCriteriaId\":\"C10E443E-A9B8-4E33-B17A-FD6172C98023\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD7A8AD5-A315-4242-960C-05E792B30547\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B83BCE2-24D0-4B5B-A034-62BFF1894AE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDD63DD9-1809-4CEC-AB69-955A7B127CA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A2AD1AD-DDE2-477B-8EFD-767B6FD8EDBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99BD881B-9B53-4E12-B083-87C9C87CDF62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F910313F-FFE1-470A-A9B6-8A854C73DC97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B0A9232-968D-4D3E-82A0-F5CC858EAF48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD5F4CFB-BE1F-4424-8D2F-B921704E3AA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A55FF13-8E56-4A27-B7FD-A855735E1045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7DDBC3B-99BB-4404-9A73-90ED6581D69A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB09A713-E91E-44E7-8B82-F70F655A97B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10173750-690B-4576-AB3F-11A0861AA78B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EF8693A-D561-4D2E-BD60-5630601C6A94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE43983A-73CB-41A5-889B-1AEA9A27F440\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EB589E9-85C0-4E87-856B-A2832383B129\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CF5EB8A-8E46-4490-BA88-03D4BED3EB84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6445BEF-245C-47CE-9779-96C97CFD4DA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48D007FD-C1AD-477E-9AA5-DDB4522D3248\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6ADB9F6-B519-45D0-966F-F095372FBB49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E914BAF-2E3A-415E-BAA7-FA02B4A22E25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55FCB7EC-8060-434B-B485-0DC7DBFE117D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9524E069-2A80-4068-9945-2752EF2126EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E1B30CC-478C-4BD1-AF4C-D126B8CCE8D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D713119-F9C6-4656-92C9-A5B863A4B72F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A5E99C8-3778-416B-915F-7335C72435B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"578DCE6D-3360-43DA-B22E-E0005A6AF388\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4D7B93B-0CF5-4CAF-B1F4-8A816A427BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FDAF214-1851-4DFC-ACAA-37D8CD83D323\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B41BBCA6-237B-4CB6-9208-571D47251E18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD6CAB29-56F9-4C54-97D8-CBB338658EB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C69C603A-34A1-4EF9-A332-6984928BF72C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8814493-75B4-45DD-886B-054A1C27F870\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E98DCCDE-2800-4FC5-BE49-3EC7583F9768\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF2C126C-075D-42F0-B9DD-95267D14C818\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62379505-A869-48AA-8A32-768583F12266\"}]}]}],\"references\":[{\"url\":\"http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=cddb8112b80fa9867156c637d63e6e79eeac67bb\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/41038\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/41238\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/42397\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/42446\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/42498\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/48106\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201202-02.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2010/dsa-2104\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:174\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/08/24/3\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/08/25/4\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.quagga.net/news2.php?y=2010\u0026m=8\u0026d=19\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0945.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/42642\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1027-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2304\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3097\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3124\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=626795\",\"source\":\"secalert@redhat.com\"}]}}" } }
var-201009-0230
Vulnerability from variot
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message. Quagga is a routing software suite that implements multiple routing protocols on Unix platforms. Quagga's bgpd daemon has a null pointer reference vulnerability when parsing the AS path. The configured BGP peer can send a BGP update request with an unknown AS type causing the daemon to crash. Quagga is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference in the Border Gateway Protocol daemon (bgpd). Versions prior to Quagga 0.99.17 are vulnerable. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201202-02
http://security.gentoo.org/
Severity: High Title: Quagga: Multiple vulnerabilities Date: February 21, 2012 Bugs: #334303, #359903, #384651 ID: 201202-02
Synopsis
Multiple vulnerabilities were found in Quagga, the worst of which leading to remote execution of arbitrary code.
Background
Quagga is a free routing daemon replacing Zebra supporting RIP, OSPF and BGP.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/quagga < 0.99.20 >= 0.99.20
Description
Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Quagga users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/quagga-0.99.20 "
References
[ 1 ] CVE-2010-1674 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1674 [ 2 ] CVE-2010-1675 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1675 [ 3 ] CVE-2010-2948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2948 [ 4 ] CVE-2010-2949 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2949 [ 5 ] CVE-2011-3323 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3323 [ 6 ] CVE-2011-3324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3324 [ 7 ] CVE-2011-3325 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3325 [ 8 ] CVE-2011-3326 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3326 [ 9 ] CVE-2011-3327 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3327
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201202-02.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-2104-1 security@debian.org http://www.debian.org/security/ Florian Weimer September 06, 2010 http://www.debian.org/security/faq
Package : quagga Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2010-2948 CVE-2010-2949 Debian Bug : 594262
Several remote vulnerabilities have been discovered in the BGP implementation of Quagga, a routing daemon. In some configurations, such crafted AS paths could be relayed by intermediate BGP routers.
In addition, this update contains a reliability fix: Quagga will no longer advertise confederation-related AS paths to non-confederation peers, and reject unexpected confederation-related AS paths by resetting the session with the BGP peer which is advertising them. (Previously, such AS paths would trigger resets of unrelated BGP sessions.)
For the stable distribution (lenny), these problems have been fixed in version 0.99.10-1lenny3.
For the unstable distribution (sid) and the testing distribution (squeeze), these problems have been fixed in version 0.99.17-1.
We recommend that you upgrade your quagga package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Source archives:
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10.orig.tar.gz Size/MD5 checksum: 2424191 c7a2d92e1c42214afef9b2e1cd4b5d06 http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3.diff.gz Size/MD5 checksum: 42826 100dbb936b3b0f0d4fb4947bf384d369 http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3.dsc Size/MD5 checksum: 1651 f5b9c26538e9d32008ad0256fe4ad0ed
Architecture independent packages:
http://security.debian.org/pool/updates/main/q/quagga/quagga-doc_0.99.10-1lenny3_all.deb Size/MD5 checksum: 661354 f843c6f765a48f7e071a52d3c7834d2f
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_alpha.deb Size/MD5 checksum: 1902990 0f85c30d5f719f9c104f5a8977a5d1a0
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_amd64.deb Size/MD5 checksum: 1749952 89a53689c4daf3f0695ea2c21aa93254
arm architecture (ARM)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_arm.deb Size/MD5 checksum: 1449792 3c53e06e4d27ef8cf391533824668b19
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_armel.deb Size/MD5 checksum: 1457202 e52ae364e20ff137c5e0e5f75bfc1ec1
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_hppa.deb Size/MD5 checksum: 1683924 c8172ed22b010569949977f407c282b6
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_i386.deb Size/MD5 checksum: 1608678 e7b5fbd36e4466cdecaca46f1f96642b
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_ia64.deb Size/MD5 checksum: 2256144 75ebe4e12a3e22ef79e5e3dab2d457bf
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_mips.deb Size/MD5 checksum: 1605990 f33ef3d9b31f0da900aba6a20bdd188d
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_mipsel.deb Size/MD5 checksum: 1601240 68ff751ff9c022cc06db8d0d66895a6e
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_powerpc.deb Size/MD5 checksum: 1717802 931505a31bdcc1a7732a9a2e9f295a01
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_s390.deb Size/MD5 checksum: 1794990 7d52667f3f37553256e87b77450dc309
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_sparc.deb Size/MD5 checksum: 1671232 3706818c39b51bb45c58a0cf8fdba202
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show
iQEcBAEBAgAGBQJMhUEPAAoJEL97/wQC1SS+dwMH/2tsjv3eQBHu3jvm+jMB7Dr1 6uRIi/1/DgaaRmVSD41quWSYoww374pkwZ5xjUVZqOQY1N6Y34avnwjN7FsSg8no H0Os4uioep8/IKzhse0EyeDZcmm2j8E41j3UZ+aANqWOssGa0MNddj846K3NDw2j dRuKUUy4JK8iRSwBLUaXqydAPI2ZjdXVH0Yy/3l51f2Aerm7N565f1ifUh38C6Y0 IR5BdiA1C6jzV+826VrZaj10cKAPg/Qm31mrNiZMBcVpi2sBJ+zQ8P/G3j7CpEdr sITi5UiULGAp+3cGvtPzZDtBxfkLLpVIpNgRPiSHhA+PTjG60HHvPK43OZkPdSY= =HP/T -----END PGP SIGNATURE----- .
Updated packages are available that bring Quagga to version 0.99.17 which provides numerous bugfixes over the previous 0.99.12 version, and also corrects these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2949
Updated Packages:
Corporate 4.0: 982061c8bac57d5878a2dbd9747234f4 corporate/4.0/i586/libquagga0-0.99.17-0.1.20060mlcs4.i586.rpm 53b1e909e046539dcfd55f9b1f62e7ea corporate/4.0/i586/libquagga0-devel-0.99.17-0.1.20060mlcs4.i586.rpm 796ef3f10f793f6546ce6a0525082fa5 corporate/4.0/i586/quagga-0.99.17-0.1.20060mlcs4.i586.rpm 423c4032225687b252ddb3887db1f226 corporate/4.0/i586/quagga-contrib-0.99.17-0.1.20060mlcs4.i586.rpm 9f63365fc185a7bdf930a80cb6615c7d corporate/4.0/SRPMS/quagga-0.99.17-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 9b36814efd0751aa81e38baec0d2bae6 corporate/4.0/x86_64/lib64quagga0-0.99.17-0.1.20060mlcs4.x86_64.rpm 64ab6ba845a97236ffd2898e0aef892d corporate/4.0/x86_64/lib64quagga0-devel-0.99.17-0.1.20060mlcs4.x86_64.rpm 7d259ae75e30e1d172e340cc232d1ff2 corporate/4.0/x86_64/quagga-0.99.17-0.1.20060mlcs4.x86_64.rpm 2f3390db2bae0e0d505ec759e0a15232 corporate/4.0/x86_64/quagga-contrib-0.99.17-0.1.20060mlcs4.x86_64.rpm 9f63365fc185a7bdf930a80cb6615c7d corporate/4.0/SRPMS/quagga-0.99.17-0.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFMi592mqjQ0CJFipgRAoHFAJ0XDJVqB+SJmOHZ0hrPlMgjTMYeNgCgwxRw AMo+uyGwHeG+uyLmOzKKMOs= =ahfH -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-1027-1 December 07, 2010 quagga vulnerabilities CVE-2010-2948, CVE-2010-2949 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.10 Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: quagga 0.99.2-1ubuntu3.7
Ubuntu 8.04 LTS: quagga 0.99.9-2ubuntu1.4
Ubuntu 9.10: quagga 0.99.13-1ubuntu0.1
Ubuntu 10.04 LTS: quagga 0.99.15-1ubuntu0.1
In general, a standard system update will make all the necessary changes.
Details follow:
It was discovered that Quagga incorrectly handled certain Outbound Route Filtering (ORF) records. The default compiler options for Ubuntu 8.04 LTS and later should reduce the vulnerability to a denial of service. (CVE-2010-2948)
It was discovered that Quagga incorrectly parsed certain AS paths
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201009-0230", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "quagga", "scope": "eq", "trust": 1.6, "vendor": "quagga", "version": "0.99.5" }, { "model": "quagga", "scope": "eq", "trust": 1.6, "vendor": "quagga", "version": "0.99.7" }, { "model": "quagga", "scope": "eq", "trust": 1.6, "vendor": "quagga", "version": "0.99.10" }, { "model": "quagga", "scope": "eq", "trust": 1.6, "vendor": "quagga", "version": "0.99.9" }, { "model": "quagga", "scope": "eq", "trust": 1.6, "vendor": "quagga", "version": "0.99.11" }, { "model": "quagga", "scope": "eq", "trust": 1.6, "vendor": "quagga", "version": "0.99.6" }, { "model": "quagga", "scope": "eq", "trust": 1.6, "vendor": "quagga", "version": "0.99.2" }, { "model": "quagga", "scope": "eq", "trust": 1.6, "vendor": "quagga", "version": "0.99.3" }, { "model": "quagga", "scope": "eq", "trust": 1.6, "vendor": "quagga", "version": "0.99.4" }, { "model": "quagga", "scope": "eq", "trust": 1.6, "vendor": "quagga", "version": "0.99.8" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.98.3" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.97.5" }, { "model": "quagga", "scope": "lte", "trust": 1.0, "vendor": "quagga", "version": "0.99.16" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.99.12" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.97.4" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.96.5" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.98.4" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.99.13" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.99.14" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.98.0" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.96" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.96.3" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.97.1" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.99.1" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.98.1" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.99.15" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.97.0" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.96.4" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.96.1" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.98.5" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.98.6" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.97.3" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.97.2" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.95" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.98.2" }, { "model": "quagga", "scope": "eq", "trust": 1.0, "vendor": "quagga", "version": "0.96.2" }, { "model": "quagga", "scope": "lt", "trust": 0.8, "vendor": "quagga", "version": "0.99.17" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6" }, { "model": "routing software suite", "scope": "lt", "trust": 0.6, "vendor": "quagga", "version": "0.99.17" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "linux lpia", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "linux lts sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "linux lts powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "linux lts lpia", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "linux lts sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "linux lts powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux enterprise server sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux enterprise sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux enterprise", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux enterprise sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11.3" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.2" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.1" }, { "model": "hat enterprise linux workstation optional", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux server optional", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "routing software suite", "scope": "eq", "trust": 0.3, "vendor": "quagga", "version": "0.99.16" }, { "model": "routing software suite", "scope": "eq", "trust": 0.3, "vendor": "quagga", "version": "0.99.15" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.2" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux mipsel", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux m68k", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux hppa", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux armel", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux alpha", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "routing software suite", "scope": "ne", "trust": 0.3, "vendor": "quagga", "version": "0.99.17" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-1779" }, { "db": "BID", "id": "42642" }, { "db": "JVNDB", "id": "JVNDB-2010-002551" }, { "db": "CNNVD", "id": "CNNVD-201009-094" }, { "db": "NVD", "id": "CVE-2010-2949" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "0.99.16", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2010-2949" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Chris Hall", "sources": [ { "db": "BID", "id": "42642" }, { "db": "CNNVD", "id": "CNNVD-201009-094" } ], "trust": 0.9 }, "cve": "CVE-2010-2949", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2010-2949", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2010-2949", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201009-094", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2010-002551" }, { "db": "CNNVD", "id": "CNNVD-201009-094" }, { "db": "NVD", "id": "CVE-2010-2949" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message. Quagga is a routing software suite that implements multiple routing protocols on Unix platforms. Quagga\u0027s bgpd daemon has a null pointer reference vulnerability when parsing the AS path. The configured BGP peer can send a BGP update request with an unknown AS type causing the daemon to crash. Quagga is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference in the Border Gateway Protocol daemon (bgpd). \nVersions prior to Quagga 0.99.17 are vulnerable. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201202-02\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Quagga: Multiple vulnerabilities\n Date: February 21, 2012\n Bugs: #334303, #359903, #384651\n ID: 201202-02\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in Quagga, the worst of which\nleading to remote execution of arbitrary code. \n\nBackground\n==========\n\nQuagga is a free routing daemon replacing Zebra supporting RIP, OSPF\nand BGP. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/quagga \u003c 0.99.20 \u003e= 0.99.20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Quagga. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Quagga users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/quagga-0.99.20 \"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-1674\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1674\n[ 2 ] CVE-2010-1675\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1675\n[ 3 ] CVE-2010-2948\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2948\n[ 4 ] CVE-2010-2949\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2949\n[ 5 ] CVE-2011-3323\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3323\n[ 6 ] CVE-2011-3324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3324\n[ 7 ] CVE-2011-3325\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3325\n[ 8 ] CVE-2011-3326\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3326\n[ 9 ] CVE-2011-3327\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3327\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201202-02.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2104-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nSeptember 06, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : quagga\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2010-2948 CVE-2010-2949\nDebian Bug : 594262\n\nSeveral remote vulnerabilities have been discovered in the BGP\nimplementation of Quagga, a routing daemon. In some configurations, such crafted AS paths could\n\tbe relayed by intermediate BGP routers. \n\nIn addition, this update contains a reliability fix: Quagga will no\nlonger advertise confederation-related AS paths to non-confederation\npeers, and reject unexpected confederation-related AS paths by\nresetting the session with the BGP peer which is advertising them. \n(Previously, such AS paths would trigger resets of unrelated BGP\nsessions.)\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 0.99.10-1lenny3. \n\nFor the unstable distribution (sid) and the testing distribution\n(squeeze), these problems have been fixed in version 0.99.17-1. \n\nWe recommend that you upgrade your quagga package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10.orig.tar.gz\n Size/MD5 checksum: 2424191 c7a2d92e1c42214afef9b2e1cd4b5d06\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3.diff.gz\n Size/MD5 checksum: 42826 100dbb936b3b0f0d4fb4947bf384d369\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3.dsc\n Size/MD5 checksum: 1651 f5b9c26538e9d32008ad0256fe4ad0ed\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga-doc_0.99.10-1lenny3_all.deb\n Size/MD5 checksum: 661354 f843c6f765a48f7e071a52d3c7834d2f\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_alpha.deb\n Size/MD5 checksum: 1902990 0f85c30d5f719f9c104f5a8977a5d1a0\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_amd64.deb\n Size/MD5 checksum: 1749952 89a53689c4daf3f0695ea2c21aa93254\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_arm.deb\n Size/MD5 checksum: 1449792 3c53e06e4d27ef8cf391533824668b19\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_armel.deb\n Size/MD5 checksum: 1457202 e52ae364e20ff137c5e0e5f75bfc1ec1\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_hppa.deb\n Size/MD5 checksum: 1683924 c8172ed22b010569949977f407c282b6\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_i386.deb\n Size/MD5 checksum: 1608678 e7b5fbd36e4466cdecaca46f1f96642b\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_ia64.deb\n Size/MD5 checksum: 2256144 75ebe4e12a3e22ef79e5e3dab2d457bf\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_mips.deb\n Size/MD5 checksum: 1605990 f33ef3d9b31f0da900aba6a20bdd188d\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_mipsel.deb\n Size/MD5 checksum: 1601240 68ff751ff9c022cc06db8d0d66895a6e\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_powerpc.deb\n Size/MD5 checksum: 1717802 931505a31bdcc1a7732a9a2e9f295a01\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_s390.deb\n Size/MD5 checksum: 1794990 7d52667f3f37553256e87b77450dc309\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_sparc.deb\n Size/MD5 checksum: 1671232 3706818c39b51bb45c58a0cf8fdba202\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niQEcBAEBAgAGBQJMhUEPAAoJEL97/wQC1SS+dwMH/2tsjv3eQBHu3jvm+jMB7Dr1\n6uRIi/1/DgaaRmVSD41quWSYoww374pkwZ5xjUVZqOQY1N6Y34avnwjN7FsSg8no\nH0Os4uioep8/IKzhse0EyeDZcmm2j8E41j3UZ+aANqWOssGa0MNddj846K3NDw2j\ndRuKUUy4JK8iRSwBLUaXqydAPI2ZjdXVH0Yy/3l51f2Aerm7N565f1ifUh38C6Y0\nIR5BdiA1C6jzV+826VrZaj10cKAPg/Qm31mrNiZMBcVpi2sBJ+zQ8P/G3j7CpEdr\nsITi5UiULGAp+3cGvtPzZDtBxfkLLpVIpNgRPiSHhA+PTjG60HHvPK43OZkPdSY=\n=HP/T\n-----END PGP SIGNATURE-----\n. \n \n Updated packages are available that bring Quagga to version 0.99.17\n which provides numerous bugfixes over the previous 0.99.12 version,\n and also corrects these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2948\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2949\n _______________________________________________________________________\n\n Updated Packages:\n\n Corporate 4.0:\n 982061c8bac57d5878a2dbd9747234f4 corporate/4.0/i586/libquagga0-0.99.17-0.1.20060mlcs4.i586.rpm\n 53b1e909e046539dcfd55f9b1f62e7ea corporate/4.0/i586/libquagga0-devel-0.99.17-0.1.20060mlcs4.i586.rpm\n 796ef3f10f793f6546ce6a0525082fa5 corporate/4.0/i586/quagga-0.99.17-0.1.20060mlcs4.i586.rpm\n 423c4032225687b252ddb3887db1f226 corporate/4.0/i586/quagga-contrib-0.99.17-0.1.20060mlcs4.i586.rpm \n 9f63365fc185a7bdf930a80cb6615c7d corporate/4.0/SRPMS/quagga-0.99.17-0.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 9b36814efd0751aa81e38baec0d2bae6 corporate/4.0/x86_64/lib64quagga0-0.99.17-0.1.20060mlcs4.x86_64.rpm\n 64ab6ba845a97236ffd2898e0aef892d corporate/4.0/x86_64/lib64quagga0-devel-0.99.17-0.1.20060mlcs4.x86_64.rpm\n 7d259ae75e30e1d172e340cc232d1ff2 corporate/4.0/x86_64/quagga-0.99.17-0.1.20060mlcs4.x86_64.rpm\n 2f3390db2bae0e0d505ec759e0a15232 corporate/4.0/x86_64/quagga-contrib-0.99.17-0.1.20060mlcs4.x86_64.rpm \n 9f63365fc185a7bdf930a80cb6615c7d corporate/4.0/SRPMS/quagga-0.99.17-0.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFMi592mqjQ0CJFipgRAoHFAJ0XDJVqB+SJmOHZ0hrPlMgjTMYeNgCgwxRw\nAMo+uyGwHeG+uyLmOzKKMOs=\n=ahfH\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-1027-1 December 07, 2010\nquagga vulnerabilities\nCVE-2010-2948, CVE-2010-2949\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 9.10\nUbuntu 10.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n quagga 0.99.2-1ubuntu3.7\n\nUbuntu 8.04 LTS:\n quagga 0.99.9-2ubuntu1.4\n\nUbuntu 9.10:\n quagga 0.99.13-1ubuntu0.1\n\nUbuntu 10.04 LTS:\n quagga 0.99.15-1ubuntu0.1\n\nIn general, a standard system update will make all the necessary changes. \n\nDetails follow:\n\nIt was discovered that Quagga incorrectly handled certain Outbound Route\nFiltering (ORF) records. \nThe default compiler options for Ubuntu 8.04 LTS and later should reduce\nthe vulnerability to a denial of service. (CVE-2010-2948)\n\nIt was discovered that Quagga incorrectly parsed certain AS paths", "sources": [ { "db": "NVD", "id": "CVE-2010-2949" }, { "db": "JVNDB", "id": "JVNDB-2010-002551" }, { "db": "CNVD", "id": "CNVD-2010-1779" }, { "db": "BID", "id": "42642" }, { "db": "PACKETSTORM", "id": "110033" }, { "db": "PACKETSTORM", "id": "93585" }, { "db": "PACKETSTORM", "id": "93746" }, { "db": "PACKETSTORM", "id": "96482" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2010-2949", "trust": 3.7 }, { "db": "SECUNIA", "id": "41038", "trust": 3.0 }, { "db": "BID", "id": "42642", "trust": 2.7 }, { "db": "SECUNIA", "id": "42446", "trust": 2.4 }, { "db": "VUPEN", "id": "ADV-2010-3124", "trust": 2.4 }, { "db": "VUPEN", "id": "ADV-2010-2304", "trust": 1.6 }, { "db": "VUPEN", "id": "ADV-2010-3097", "trust": 1.6 }, { "db": "SECUNIA", "id": "48106", "trust": 1.6 }, { "db": "SECUNIA", "id": "42397", "trust": 1.6 }, { "db": "SECUNIA", "id": "41238", "trust": 1.6 }, { "db": "SECUNIA", "id": "42498", "trust": 1.6 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2010/08/25/4", "trust": 1.6 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2010/08/24/3", "trust": 1.6 }, { "db": "JVNDB", "id": "JVNDB-2010-002551", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2010-1779", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201009-094", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "110033", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "93585", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "93746", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "96482", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-1779" }, { "db": "BID", "id": "42642" }, { "db": "JVNDB", "id": "JVNDB-2010-002551" }, { "db": "PACKETSTORM", "id": "110033" }, { "db": "PACKETSTORM", "id": "93585" }, { "db": "PACKETSTORM", "id": "93746" }, { "db": "PACKETSTORM", "id": "96482" }, { "db": "CNNVD", "id": "CNNVD-201009-094" }, { "db": "NVD", "id": "CVE-2010-2949" } ] }, "id": "VAR-201009-0230", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2010-1779" } ], "trust": 0.06 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-1779" } ] }, "last_update_date": "2024-07-23T22:12:06.629000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "bgpd: fix handling of AS path data", "trust": 0.8, "url": "http://code.quagga.net/?p=quagga.git;a=commit;h=cddb8112b80fa9867156c637d63e6e79eeac67bb" }, { "title": "Index of /releases/quagga", "trust": 0.8, "url": "http://download.savannah.gnu.org/releases/quagga/" }, { "title": "RHSA-2010:0945", "trust": 0.8, "url": "https://rhn.redhat.com/errata/rhsa-2010-0945.html" }, { "title": "Multiple Denial of Service vulnerabilities in Quagga", "trust": 0.8, "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_vulnerabilities4" }, { "title": "Quagga bgpd null pointer reference denial of service patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/919" }, { "title": "quagga-0.99.17.tar", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=34542" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-1779" }, { "db": "JVNDB", "id": "JVNDB-2010-002551" }, { "db": "CNNVD", "id": "CNNVD-201009-094" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 }, { "problemtype": "CWE-Other", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2010-002551" }, { "db": "NVD", "id": "CVE-2010-2949" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "http://secunia.com/advisories/41038" }, { "trust": 2.4, "url": "http://secunia.com/advisories/42446" }, { "trust": 2.4, "url": "http://www.securityfocus.com/bid/42642" }, { "trust": 2.4, "url": "http://www.vupen.com/english/advisories/2010/3124" }, { "trust": 1.9, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=626795" }, { "trust": 1.7, "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml" }, { "trust": 1.6, "url": "http://www.debian.org/security/2010/dsa-2104" }, { "trust": 1.6, "url": "http://secunia.com/advisories/48106" }, { "trust": 1.6, "url": "http://www.openwall.com/lists/oss-security/2010/08/25/4" }, { "trust": 1.6, "url": "http://secunia.com/advisories/42397" }, { "trust": 1.6, "url": "http://www.vupen.com/english/advisories/2010/2304" }, { "trust": 1.6, "url": "http://secunia.com/advisories/42498" }, { "trust": 1.6, "url": "http://code.quagga.net/?p=quagga.git%3ba=commit%3bh=cddb8112b80fa9867156c637d63e6e79eeac67bb" }, { "trust": 1.6, "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "trust": 1.6, "url": "http://www.openwall.com/lists/oss-security/2010/08/24/3" }, { "trust": 1.6, "url": "http://www.redhat.com/support/errata/rhsa-2010-0945.html" }, { "trust": 1.6, "url": "http://www.ubuntu.com/usn/usn-1027-1" }, { "trust": 1.6, "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html" }, { "trust": 1.6, "url": "http://secunia.com/advisories/41238" }, { "trust": 1.6, "url": "http://www.quagga.net/news2.php?y=2010\u0026m=8\u0026d=19" }, { "trust": 1.6, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:174" }, { "trust": 1.6, "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "trust": 0.9, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2949" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2949" }, { "trust": 0.6, "url": "http://secunia.com/advisories/41038/" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2948" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2949" }, { "trust": 0.3, "url": "http://permalink.gmane.org/gmane.comp.security.oss.general/3347" }, { "trust": 0.3, "url": "http://www.quagga.net/news2.php?y=2010\u0026m=8\u0026d=19#id1282241100" }, { "trust": 0.3, "url": "http://www.quagga.net/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1674" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3323" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2949" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3326" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3325" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3325" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3324" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3324" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1675" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3327" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3326" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3327" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3323" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2948" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1675" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1674" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_s390.deb" }, { "trust": 0.1, "url": "http://www.debian.org/security/faq" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3.diff.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_armel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga-doc_0.99.10-1lenny3_all.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_amd64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_mips.deb" }, { "trust": 0.1, "url": "http://packages.debian.org/\u003cpkg\u003e" }, { "trust": 0.1, "url": "http://security.debian.org/" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_mipsel.deb" }, { "trust": 0.1, "url": "http://www.debian.org/security/" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3.dsc" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny3_sparc.deb" }, { "trust": 0.1, "url": "http://www.mandriva.com/security/" }, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2948" }, { "trust": 0.1, "url": "http://www.mandriva.com/security/advisories" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.13-1ubuntu0.1_amd64.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.4_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.13-1ubuntu0.1.diff.gz" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.13-1ubuntu0.1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.15-1ubuntu0.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.13.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga-doc_0.99.13-1ubuntu0.1_all.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.13-1ubuntu0.1_lpia.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.15-1ubuntu0.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.7.diff.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.7_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.7_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.4_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga-doc_0.99.9-2ubuntu1.4_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.7_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.13-1ubuntu0.1.dsc" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.15-1ubuntu0.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga-doc_0.99.15-1ubuntu0.1_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.15-1ubuntu0.1.diff.gz" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.4_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.13-1ubuntu0.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.4.dsc" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.7.dsc" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga-doc_0.99.2-1ubuntu3.7_all.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.15-1ubuntu0.1_armel.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.4_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.15-1ubuntu0.1.dsc" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.13-1ubuntu0.1_sparc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.13-1ubuntu0.1_armel.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.7_powerpc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.15-1ubuntu0.1_powerpc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.4_lpia.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.4.diff.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.15.orig.tar.gz" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-1779" }, { "db": "BID", "id": "42642" }, { "db": "JVNDB", "id": "JVNDB-2010-002551" }, { "db": "PACKETSTORM", "id": "110033" }, { "db": "PACKETSTORM", "id": "93585" }, { "db": "PACKETSTORM", "id": "93746" }, { "db": "PACKETSTORM", "id": "96482" }, { "db": "CNNVD", "id": "CNNVD-201009-094" }, { "db": "NVD", "id": "CVE-2010-2949" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2010-1779" }, { "db": "BID", "id": "42642" }, { "db": "JVNDB", "id": "JVNDB-2010-002551" }, { "db": "PACKETSTORM", "id": "110033" }, { "db": "PACKETSTORM", "id": "93585" }, { "db": "PACKETSTORM", "id": "93746" }, { "db": "PACKETSTORM", "id": "96482" }, { "db": "CNNVD", "id": "CNNVD-201009-094" }, { "db": "NVD", "id": "CVE-2010-2949" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2010-09-03T00:00:00", "db": "CNVD", "id": "CNVD-2010-1779" }, { "date": "2010-08-24T00:00:00", "db": "BID", "id": "42642" }, { "date": "2010-12-24T00:00:00", "db": "JVNDB", "id": "JVNDB-2010-002551" }, { "date": "2012-02-22T02:10:03", "db": "PACKETSTORM", "id": "110033" }, { "date": "2010-09-08T03:57:17", "db": "PACKETSTORM", "id": "93585" }, { "date": "2010-09-11T19:28:36", "db": "PACKETSTORM", "id": "93746" }, { "date": "2010-12-08T19:17:16", "db": "PACKETSTORM", "id": "96482" }, { "date": "2010-08-24T00:00:00", "db": "CNNVD", "id": "CNNVD-201009-094" }, { "date": "2010-09-10T19:00:02.597000", "db": "NVD", "id": "CVE-2010-2949" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2010-09-03T00:00:00", "db": "CNVD", "id": "CNVD-2010-1779" }, { "date": "2013-07-18T18:23:00", "db": "BID", "id": "42642" }, { "date": "2012-04-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2010-002551" }, { "date": "2023-02-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201009-094" }, { "date": "2023-02-13T04:21:24.037000", "db": "NVD", "id": "CVE-2010-2949" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "110033" }, { "db": "PACKETSTORM", "id": "93585" }, { "db": "PACKETSTORM", "id": "93746" }, { "db": "PACKETSTORM", "id": "96482" }, { "db": "CNNVD", "id": "CNNVD-201009-094" } ], "trust": 1.0 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Quagga of bgpd Service disruption in (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2010-002551" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-201009-094" } ], "trust": 0.6 } }
gsd-2010-2949
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2010-2949", "description": "bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.", "id": "GSD-2010-2949", "references": [ "https://www.suse.com/security/cve/CVE-2010-2949.html", "https://www.debian.org/security/2010/dsa-2104", "https://access.redhat.com/errata/RHSA-2010:0945", "https://linux.oracle.com/cve/CVE-2010-2949.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2010-2949" ], "details": "bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.", "id": "GSD-2010-2949", "modified": "2023-12-13T01:21:31.367513Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2010-2949", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_affected": "=", "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "name": "http://secunia.com/advisories/42397", "refsource": "MISC", "url": "http://secunia.com/advisories/42397" }, { "name": "http://www.vupen.com/english/advisories/2010/3097", "refsource": "MISC", "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html" }, { "name": "http://secunia.com/advisories/41038", "refsource": "MISC", "url": "http://secunia.com/advisories/41038" }, { "name": "http://secunia.com/advisories/41238", "refsource": "MISC", "url": "http://secunia.com/advisories/41238" }, { "name": "http://secunia.com/advisories/42446", "refsource": "MISC", "url": "http://secunia.com/advisories/42446" }, { "name": "http://secunia.com/advisories/42498", "refsource": "MISC", "url": "http://secunia.com/advisories/42498" }, { "name": "http://secunia.com/advisories/48106", "refsource": "MISC", "url": "http://secunia.com/advisories/48106" }, { "name": "http://security.gentoo.org/glsa/glsa-201202-02.xml", "refsource": "MISC", "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml" }, { "name": "http://www.debian.org/security/2010/dsa-2104", "refsource": "MISC", "url": "http://www.debian.org/security/2010/dsa-2104" }, { "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:174", "refsource": "MISC", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:174" }, { "name": "http://www.openwall.com/lists/oss-security/2010/08/24/3", "refsource": "MISC", "url": "http://www.openwall.com/lists/oss-security/2010/08/24/3" }, { "name": "http://www.openwall.com/lists/oss-security/2010/08/25/4", "refsource": "MISC", "url": "http://www.openwall.com/lists/oss-security/2010/08/25/4" }, { "name": "http://www.quagga.net/news2.php?y=2010\u0026m=8\u0026d=19", "refsource": "MISC", "url": "http://www.quagga.net/news2.php?y=2010\u0026m=8\u0026d=19" }, { "name": "http://www.redhat.com/support/errata/RHSA-2010-0945.html", "refsource": "MISC", "url": "http://www.redhat.com/support/errata/RHSA-2010-0945.html" }, { "name": "http://www.ubuntu.com/usn/USN-1027-1", "refsource": "MISC", "url": "http://www.ubuntu.com/usn/USN-1027-1" }, { "name": "http://www.vupen.com/english/advisories/2010/2304", "refsource": "MISC", "url": "http://www.vupen.com/english/advisories/2010/2304" }, { "name": "http://www.vupen.com/english/advisories/2010/3124", "refsource": "MISC", "url": "http://www.vupen.com/english/advisories/2010/3124" }, { "name": "http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=cddb8112b80fa9867156c637d63e6e79eeac67bb", "refsource": "MISC", "url": "http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=cddb8112b80fa9867156c637d63e6e79eeac67bb" }, { "name": "http://www.securityfocus.com/bid/42642", "refsource": "MISC", "url": "http://www.securityfocus.com/bid/42642" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=626795", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=626795" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "0.99.16", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2010-2949" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ] }, "references": { "reference_data": [ { "name": "ADV-2010-2304", "refsource": "VUPEN", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2304" }, { "name": "http://www.quagga.net/news2.php?y=2010\u0026m=8\u0026d=19", "refsource": "CONFIRM", "tags": [], "url": "http://www.quagga.net/news2.php?y=2010\u0026m=8\u0026d=19" }, { "name": "41238", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41238" }, { "name": "[oss-security] 20100825 Re: CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request", "refsource": "MLIST", "tags": [], "url": "http://www.openwall.com/lists/oss-security/2010/08/25/4" }, { "name": "DSA-2104", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2010/dsa-2104" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=626795", "refsource": "CONFIRM", "tags": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=626795" }, { "name": "[oss-security] 20100824 CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request", "refsource": "MLIST", "tags": [], "url": "http://www.openwall.com/lists/oss-security/2010/08/24/3" }, { "name": "42642", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/42642" }, { "name": "41038", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41038" }, { "name": "MDVSA-2010:174", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:174" }, { "name": "SUSE-SR:2010:022", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "name": "42397", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/42397" }, { "name": "ADV-2010-3097", "refsource": "VUPEN", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "name": "42498", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/42498" }, { "name": "ADV-2010-3124", "refsource": "VUPEN", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3124" }, { "name": "USN-1027-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-1027-1" }, { "name": "RHSA-2010:0945", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0945.html" }, { "name": "42446", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/42446" }, { "name": "SUSE-SU-2011:1316", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html" }, { "name": "GLSA-201202-02", "refsource": "GENTOO", "tags": [], "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml" }, { "name": "48106", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/48106" }, { "name": "http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=cddb8112b80fa9867156c637d63e6e79eeac67bb", "refsource": "MISC", "tags": [], "url": "http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=cddb8112b80fa9867156c637d63e6e79eeac67bb" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false } }, "lastModifiedDate": "2023-02-13T04:21Z", "publishedDate": "2010-09-10T19:00Z" } } }
rhsa-2010_0945
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated quagga packages that fix two security issues are now available for\nRed Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon\nimplements the BGP (Border Gateway Protocol) routing protocol.\n\nA stack-based buffer overflow flaw was found in the way the Quagga bgpd\ndaemon processed certain BGP Route Refresh (RR) messages. A configured BGP\npeer could send a specially-crafted BGP message, causing bgpd on a target\nsystem to crash or, possibly, execute arbitrary code with the privileges of\nthe user running bgpd. (CVE-2010-2948)\n\nNote: On Red Hat Enterprise Linux 6 it is not possible to exploit\nCVE-2010-2948 to run arbitrary code as the overflow is blocked by\nFORTIFY_SOURCE.\n\nA NULL pointer dereference flaw was found in the way the Quagga bgpd daemon\nparsed the paths of autonomous systems (AS). A configured BGP peer could\ncrash bgpd on a target system via a specially-crafted BGP message.\n(CVE-2010-2949)\n\nUsers of quagga should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the bgpd daemon must be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2010:0945", "url": "https://access.redhat.com/errata/RHSA-2010:0945" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "626783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=626783" }, { "category": "external", "summary": "626795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=626795" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0945.json" } ], "title": "Red Hat Security Advisory: quagga security update", "tracking": { "current_release_date": "2024-11-22T03:43:37+00:00", "generator": { "date": "2024-11-22T03:43:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2010:0945", "initial_release_date": "2010-12-06T19:14:00+00:00", "revision_history": [ { "date": "2010-12-06T19:14:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2010-12-06T14:21:22+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T03:43:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "quagga-0:0.99.15-5.el6_0.1.src", "product": { "name": "quagga-0:0.99.15-5.el6_0.1.src", "product_id": "quagga-0:0.99.15-5.el6_0.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga@0.99.15-5.el6_0.1?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "quagga-contrib-0:0.99.15-5.el6_0.1.i686", "product": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.i686", "product_id": "quagga-contrib-0:0.99.15-5.el6_0.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-contrib@0.99.15-5.el6_0.1?arch=i686" } } }, { "category": "product_version", "name": "quagga-devel-0:0.99.15-5.el6_0.1.i686", "product": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.i686", "product_id": "quagga-devel-0:0.99.15-5.el6_0.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-devel@0.99.15-5.el6_0.1?arch=i686" } } }, { "category": "product_version", "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "product": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "product_id": "quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-debuginfo@0.99.15-5.el6_0.1?arch=i686" } } }, { "category": "product_version", "name": "quagga-0:0.99.15-5.el6_0.1.i686", "product": { "name": "quagga-0:0.99.15-5.el6_0.1.i686", "product_id": "quagga-0:0.99.15-5.el6_0.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga@0.99.15-5.el6_0.1?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "product": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "product_id": "quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-contrib@0.99.15-5.el6_0.1?arch=ppc64" } } }, { "category": "product_version", "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "product": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "product_id": "quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-devel@0.99.15-5.el6_0.1?arch=ppc64" } } }, { "category": "product_version", "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "product": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "product_id": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-debuginfo@0.99.15-5.el6_0.1?arch=ppc64" } } }, { "category": "product_version", "name": "quagga-0:0.99.15-5.el6_0.1.ppc64", "product": { "name": "quagga-0:0.99.15-5.el6_0.1.ppc64", "product_id": "quagga-0:0.99.15-5.el6_0.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga@0.99.15-5.el6_0.1?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc", "product": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc", "product_id": "quagga-devel-0:0.99.15-5.el6_0.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-devel@0.99.15-5.el6_0.1?arch=ppc" } } }, { "category": "product_version", "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "product": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "product_id": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-debuginfo@0.99.15-5.el6_0.1?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "product": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "product_id": "quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-contrib@0.99.15-5.el6_0.1?arch=s390x" } } }, { "category": "product_version", "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390x", "product": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390x", "product_id": "quagga-devel-0:0.99.15-5.el6_0.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-devel@0.99.15-5.el6_0.1?arch=s390x" } } }, { "category": "product_version", "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "product": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "product_id": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-debuginfo@0.99.15-5.el6_0.1?arch=s390x" } } }, { "category": "product_version", "name": "quagga-0:0.99.15-5.el6_0.1.s390x", "product": { "name": "quagga-0:0.99.15-5.el6_0.1.s390x", "product_id": "quagga-0:0.99.15-5.el6_0.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga@0.99.15-5.el6_0.1?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390", "product": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390", "product_id": "quagga-devel-0:0.99.15-5.el6_0.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-devel@0.99.15-5.el6_0.1?arch=s390" } } }, { "category": "product_version", "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "product": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "product_id": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-debuginfo@0.99.15-5.el6_0.1?arch=s390" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "product": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "product_id": "quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-contrib@0.99.15-5.el6_0.1?arch=x86_64" } } }, { "category": "product_version", "name": "quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "product": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "product_id": "quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-devel@0.99.15-5.el6_0.1?arch=x86_64" } } }, { "category": "product_version", "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "product": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "product_id": "quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga-debuginfo@0.99.15-5.el6_0.1?arch=x86_64" } } }, { "category": "product_version", "name": "quagga-0:0.99.15-5.el6_0.1.x86_64", "product": { "name": "quagga-0:0.99.15-5.el6_0.1.x86_64", "product_id": "quagga-0:0.99.15-5.el6_0.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/quagga@0.99.15-5.el6_0.1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-0:0.99.15-5.el6_0.1.src" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.src", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.ppc", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.s390", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Server-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.src as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-0:0.99.15-5.el6_0.1.src" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.src", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-devel-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.ppc", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.s390", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:quagga-devel-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.src" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.src", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.ppc", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.s390", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Workstation-optional" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-0:0.99.15-5.el6_0.1.src" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.src", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-contrib-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.i686" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.i686", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.ppc", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc64" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.s390", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390x" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.s390x", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "quagga-devel-0:0.99.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.x86_64" }, "product_reference": "quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "relates_to_product_reference": "6Workstation" } ] }, "vulnerabilities": [ { "cve": "CVE-2010-2948", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2010-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "626783" } ], "notes": [ { "category": "description", "text": "Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF) record in a BGP ROUTE-REFRESH (RR) message.", "title": "Vulnerability description" }, { "category": "summary", "text": "(bgpd): Stack buffer overflow by processing certain Route-Refresh messages", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is not planned to be fixed in Red Hat Enterprise Linux 3\ndue to this product being in Production 3 of its maintenance\nlife-cycle, where only qualified security errata of important and\ncritical impact are addressed.\n\nFor further information about the Errata Support Policy, visit:\nhttp://www.redhat.com/security/updates/errata\n\nA future update in Red Hat Enterprise Linux 4 and\nRed Hat Enterprise Linux 5 may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-0:0.99.15-5.el6_0.1.src", "6Server:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-2948" }, { "category": "external", "summary": "RHBZ#626783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=626783" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-2948", "url": "https://www.cve.org/CVERecord?id=CVE-2010-2948" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-2948", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2948" } ], "release_date": "2010-08-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-12-06T19:14:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "6Server-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-0:0.99.15-5.el6_0.1.src", "6Server:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0945" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-0:0.99.15-5.el6_0.1.src", "6Server:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "(bgpd): Stack buffer overflow by processing certain Route-Refresh messages" }, { "cve": "CVE-2010-2949", "discovery_date": "2010-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "626795" } ], "notes": [ { "category": "description", "text": "bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.", "title": "Vulnerability description" }, { "category": "summary", "text": "(bgpd): DoS (crash) while processing certain BGP update AS path messages", "title": "Vulnerability summary" }, { "category": "other", "text": "Not vulnerable. This issue did not affect the versions of quagga\npackage as shipped with Red Hat Enterprise Linux 3, 4, or 5, as\nthese versions do not support 4 byte AS numbers (AS4 support) yet.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-0:0.99.15-5.el6_0.1.src", "6Server:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-2949" }, { "category": "external", "summary": "RHBZ#626795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=626795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-2949", "url": "https://www.cve.org/CVERecord?id=CVE-2010-2949" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-2949", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2949" } ], "release_date": "2010-08-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-12-06T19:14:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "6Server-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-0:0.99.15-5.el6_0.1.src", "6Server:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0945" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 1.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Server-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-0:0.99.15-5.el6_0.1.src", "6Server:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Server:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation-optional:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation-optional:quagga-devel-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-0:0.99.15-5.el6_0.1.src", "6Workstation:quagga-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-contrib-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-debuginfo-0:0.99.15-5.el6_0.1.x86_64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.i686", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.ppc64", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.s390x", "6Workstation:quagga-devel-0:0.99.15-5.el6_0.1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "(bgpd): DoS (crash) while processing certain BGP update AS path messages" } ] }
ghsa-7rqc-qrpp-9vrr
Vulnerability from github
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.
{ "affected": [], "aliases": [ "CVE-2010-2949" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2010-09-10T19:00:00Z", "severity": "MODERATE" }, "details": "bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.", "id": "GHSA-7rqc-qrpp-9vrr", "modified": "2022-05-14T03:53:35Z", "published": "2022-05-14T03:53:35Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2949" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=626795" }, { "type": "WEB", "url": "http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=cddb8112b80fa9867156c637d63e6e79eeac67bb" }, { "type": "WEB", "url": "http://code.quagga.net/?p=quagga.git;a=commit;h=cddb8112b80fa9867156c637d63e6e79eeac67bb" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html" }, { "type": "WEB", "url": "http://secunia.com/advisories/41038" }, { "type": "WEB", "url": "http://secunia.com/advisories/41238" }, { "type": "WEB", "url": "http://secunia.com/advisories/42397" }, { "type": "WEB", "url": "http://secunia.com/advisories/42446" }, { "type": "WEB", "url": "http://secunia.com/advisories/42498" }, { "type": "WEB", "url": "http://secunia.com/advisories/48106" }, { "type": "WEB", "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml" }, { "type": "WEB", "url": "http://www.debian.org/security/2010/dsa-2104" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:174" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2010/08/24/3" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2010/08/25/4" }, { "type": "WEB", "url": "http://www.quagga.net/news2.php?y=2010\u0026m=8\u0026d=19" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2010-0945.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/42642" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1027-1" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2010/2304" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2010/3124" } ], "schema_version": "1.4.0", "severity": [] }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.