fkie_nvd - fkie_cve-2010-1674

FKIE_CVE-2010-1674

Vulnerability from fkie_nvd - Published: 2011-03-29 18:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute.

References

URL	Tags
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2012-1258.html
cve@mitre.org	http://secunia.com/advisories/43499	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/43770	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/48106
cve@mitre.org	http://security.gentoo.org/glsa/glsa-201202-02.xml
cve@mitre.org	http://www.debian.org/security/2011/dsa-2197
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2011:058
cve@mitre.org	http://www.osvdb.org/71259
cve@mitre.org	http://www.quagga.net/news2.php?y=2011&m=3&d=21#id1300723200
cve@mitre.org	http://www.securityfocus.com/bid/46942
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0711	Vendor Advisory
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=654603
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/66211
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1258.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43499	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43770	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48106
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201202-02.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2197
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2011:058
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/71259
af854a3a-2127-422b-91ae-364da2661108	http://www.quagga.net/news2.php?y=2011&m=3&d=21#id1300723200
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/46942
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0711	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=654603
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/66211

Impacted products

Vendor	Product	Version
quagga	quagga	*
quagga	quagga	0.95
quagga	quagga	0.96
quagga	quagga	0.96.1
quagga	quagga	0.96.2
quagga	quagga	0.96.3
quagga	quagga	0.96.4
quagga	quagga	0.96.5
quagga	quagga	0.97.0
quagga	quagga	0.97.1
quagga	quagga	0.97.2
quagga	quagga	0.97.3
quagga	quagga	0.97.4
quagga	quagga	0.97.5
quagga	quagga	0.98.0
quagga	quagga	0.98.1
quagga	quagga	0.98.2
quagga	quagga	0.98.3
quagga	quagga	0.98.4
quagga	quagga	0.98.5
quagga	quagga	0.98.6
quagga	quagga	0.99.1
quagga	quagga	0.99.2
quagga	quagga	0.99.3
quagga	quagga	0.99.4
quagga	quagga	0.99.5
quagga	quagga	0.99.6
quagga	quagga	0.99.7
quagga	quagga	0.99.8
quagga	quagga	0.99.9
quagga	quagga	0.99.10
quagga	quagga	0.99.11
quagga	quagga	0.99.12
quagga	quagga	0.99.13
quagga	quagga	0.99.14
quagga	quagga	0.99.15
quagga	quagga	0.99.16

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC571045-E383-4B76-B026-629CFDA1E93F",
              "versionEndIncluding": "0.99.17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7A8AD5-A315-4242-960C-05E792B30547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B83BCE2-24D0-4B5B-A034-62BFF1894AE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDD63DD9-1809-4CEC-AB69-955A7B127CA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2AD1AD-DDE2-477B-8EFD-767B6FD8EDBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "99BD881B-9B53-4E12-B083-87C9C87CDF62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F910313F-FFE1-470A-A9B6-8A854C73DC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0A9232-968D-4D3E-82A0-F5CC858EAF48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD5F4CFB-BE1F-4424-8D2F-B921704E3AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A55FF13-8E56-4A27-B7FD-A855735E1045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7DDBC3B-99BB-4404-9A73-90ED6581D69A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB09A713-E91E-44E7-8B82-F70F655A97B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "10173750-690B-4576-AB3F-11A0861AA78B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF8693A-D561-4D2E-BD60-5630601C6A94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE43983A-73CB-41A5-889B-1AEA9A27F440",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EB589E9-85C0-4E87-856B-A2832383B129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CF5EB8A-8E46-4490-BA88-03D4BED3EB84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6445BEF-245C-47CE-9779-96C97CFD4DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "48D007FD-C1AD-477E-9AA5-DDB4522D3248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6ADB9F6-B519-45D0-966F-F095372FBB49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E914BAF-2E3A-415E-BAA7-FA02B4A22E25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FCB7EC-8060-434B-B485-0DC7DBFE117D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9524E069-2A80-4068-9945-2752EF2126EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1B30CC-478C-4BD1-AF4C-D126B8CCE8D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D713119-F9C6-4656-92C9-A5B863A4B72F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A5E99C8-3778-416B-915F-7335C72435B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "578DCE6D-3360-43DA-B22E-E0005A6AF388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D7B93B-0CF5-4CAF-B1F4-8A816A427BC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FDAF214-1851-4DFC-ACAA-37D8CD83D323",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B41BBCA6-237B-4CB6-9208-571D47251E18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD6CAB29-56F9-4C54-97D8-CBB338658EB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C69C603A-34A1-4EF9-A332-6984928BF72C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8814493-75B4-45DD-886B-054A1C27F870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "E98DCCDE-2800-4FC5-BE49-3EC7583F9768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF2C126C-075D-42F0-B9DD-95267D14C818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "62379505-A869-48AA-8A32-768583F12266",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "737C92B8-185F-4049-A7F4-D9D4DA6DDFDC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute."
    },
    {
      "lang": "es",
      "value": "El parser \"extended-community\" de bgpd de Quagga en versiones anteriores a la 0.99.18 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (resoluci\u00f3n de puntero NULL y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un atributo \"Extended Communities\" mal formado."
    }
  ],
  "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html \r\n\u0027CWE-476: NULL Pointer Dereference\u0027",
  "id": "CVE-2010-1674",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-03-29T18:55:01.127",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1258.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43499"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43770"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/48106"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2011/dsa-2197"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:058"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/71259"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.quagga.net/news2.php?y=2011\u0026m=3\u0026d=21#id1300723200"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/46942"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0711"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=654603"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1258.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43499"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/48106"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/71259"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.quagga.net/news2.php?y=2011\u0026m=3\u0026d=21#id1300723200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/46942"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0711"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=654603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66211"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2010-1674 (GCVE-0-2010-1674)

Vulnerability from cvelistv5 – Published: 2011-03-29 18:00 – Updated: 2024-08-07 01:35

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/46942	vdb-entryx_refsource_BID
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://security.gentoo.org/glsa/glsa-201202-02.xml	vendor-advisoryx_refsource_GENTOO
	http://rhn.redhat.com/errata/RHSA-2012-1258.html	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=654603	x_refsource_CONFIRM
	http://secunia.com/advisories/43770	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48106	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2011/dsa-2197	vendor-advisoryx_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2011/0711	vdb-entryx_refsource_VUPEN
	http://www.quagga.net/news2.php?y=2011&m=3&d=21#i…	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.osvdb.org/71259	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/43499	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:35:53.351Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "46942",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46942"
          },
          {
            "name": "SUSE-SR:2011:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "name": "GLSA-201202-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml"
          },
          {
            "name": "RHSA-2012:1258",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1258.html"
          },
          {
            "name": "SUSE-SU-2011:1316",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=654603"
          },
          {
            "name": "43770",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43770"
          },
          {
            "name": "48106",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48106"
          },
          {
            "name": "DSA-2197",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2197"
          },
          {
            "name": "ADV-2011-0711",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0711"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.quagga.net/news2.php?y=2011\u0026m=3\u0026d=21#id1300723200"
          },
          {
            "name": "MDVSA-2011:058",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:058"
          },
          {
            "name": "quagga-community-dos(66211)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66211"
          },
          {
            "name": "71259",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/71259"
          },
          {
            "name": "43499",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43499"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-05T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "46942",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46942"
        },
        {
          "name": "SUSE-SR:2011:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
        },
        {
          "name": "GLSA-201202-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml"
        },
        {
          "name": "RHSA-2012:1258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1258.html"
        },
        {
          "name": "SUSE-SU-2011:1316",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=654603"
        },
        {
          "name": "43770",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43770"
        },
        {
          "name": "48106",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48106"
        },
        {
          "name": "DSA-2197",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2197"
        },
        {
          "name": "ADV-2011-0711",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0711"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.quagga.net/news2.php?y=2011\u0026m=3\u0026d=21#id1300723200"
        },
        {
          "name": "MDVSA-2011:058",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:058"
        },
        {
          "name": "quagga-community-dos(66211)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66211"
        },
        {
          "name": "71259",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/71259"
        },
        {
          "name": "43499",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43499"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-1674",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "46942",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46942"
            },
            {
              "name": "SUSE-SR:2011:005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
            },
            {
              "name": "GLSA-201202-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml"
            },
            {
              "name": "RHSA-2012:1258",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1258.html"
            },
            {
              "name": "SUSE-SU-2011:1316",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=654603",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=654603"
            },
            {
              "name": "43770",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43770"
            },
            {
              "name": "48106",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48106"
            },
            {
              "name": "DSA-2197",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2197"
            },
            {
              "name": "ADV-2011-0711",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0711"
            },
            {
              "name": "http://www.quagga.net/news2.php?y=2011\u0026m=3\u0026d=21#id1300723200",
              "refsource": "CONFIRM",
              "url": "http://www.quagga.net/news2.php?y=2011\u0026m=3\u0026d=21#id1300723200"
            },
            {
              "name": "MDVSA-2011:058",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:058"
            },
            {
              "name": "quagga-community-dos(66211)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66211"
            },
            {
              "name": "71259",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/71259"
            },
            {
              "name": "43499",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43499"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-1674",
    "datePublished": "2011-03-29T18:00:00",
    "dateReserved": "2010-04-30T00:00:00",
    "dateUpdated": "2024-08-07T01:35:53.351Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2010-1674

CVE-2010-1674 (GCVE-0-2010-1674)

Tags

Sightings

Nomenclature