search

Chiencc / asuswrt-gt-ac5300

asuswrt-gt-ac5300
Other
0 stars 0 forks source link

quaggaquagga-0.99.24.1: 6 vulnerabilities (highest severity is: 9.8) - autoclosed #66

Closed mend-for-github-com[bot] closed 1 year ago

mend-for-github-com[bot] commented 1 year ago
Vulnerable Library - quaggaquagga-0.99.24.1

quagga

Library home page: https://git.savannah.gnu.org/cgit/quagga.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Vulnerable Source Files (1)

/release/src/router/quagga/zebra/rtadv.c

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (quaggaquagga version) Remediation Available
CVE-2016-1245 Critical 9.8 quaggaquagga-0.99.24.1 Direct 1.0.20161017
CVE-2016-2342 High 8.1 quaggaquagga-0.99.24.1 Direct 1.0.20160309
CVE-2017-5495 High 7.5 quaggaquagga-0.99.24.1 Direct quagga-1.1.1
CVE-2017-16227 High 7.5 quaggaquagga-0.99.24.1 Direct 1.2.2
CVE-2012-0249 Medium 4.3 quaggaquagga-0.99.24.1 Direct 0.99.20.1
CVE-2012-0250 Medium 4.3 quaggaquagga-0.99.24.1 Direct 0.99.20.1

Details

CVE-2016-1245 ### Vulnerable Library - quaggaquagga-0.99.24.1

quagga

Library home page: https://git.savannah.gnu.org/cgit/quagga.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

/release/src/router/quagga/zebra/rtadv.c

### Vulnerability Details

It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent.

Publish Date: 2017-02-22

URL: CVE-2016-1245

### CVSS 3 Score Details (9.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-1245

Release Date: 2017-02-22

Fix Resolution: 1.0.20161017

CVE-2016-2342 ### Vulnerable Library - quaggaquagga-0.99.24.1

quagga

Library home page: https://git.savannah.gnu.org/cgit/quagga.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/quagga/bgpd/bgp_mplsvpn.c /release/src/router/quagga/bgpd/bgp_mplsvpn.c /release/src/router/quagga/bgpd/bgp_mplsvpn.c

### Vulnerability Details

The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted packet.

Publish Date: 2016-03-17

URL: CVE-2016-2342

### CVSS 3 Score Details (8.1)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-2342

Release Date: 2016-03-17

Fix Resolution: 1.0.20160309

CVE-2017-5495 ### Vulnerable Library - quaggaquagga-0.99.24.1

quagga

Library home page: https://git.savannah.gnu.org/cgit/quagga.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

/release/src/router/quagga/lib/vty.c

### Vulnerability Details

All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI enabled, anyone who can connect to the TCP ports can trigger this vulnerability, prior to authentication. Most distributions restrict the Quagga telnet interface to local access only by default. The Quagga telnet interface 'vty' input buffer grows automatically, without bound, so long as a newline is not entered. This allows an attacker to cause the Quagga daemon to allocate unbounded memory by sending very long strings without a newline. Eventually the daemon is terminated by the system, or the system itself runs out of memory. This is fixed in Quagga 1.1.1 and Free Range Routing (FRR) Protocol Suite 2017-01-10.

Publish Date: 2017-01-24

URL: CVE-2017-5495

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5495

Release Date: 2017-01-24

Fix Resolution: quagga-1.1.1

CVE-2017-16227 ### Vulnerable Library - quaggaquagga-0.99.24.1

quagga

Library home page: https://git.savannah.gnu.org/cgit/quagga.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

/release/src/router/quagga/bgpd/bgp_aspath.c

### Vulnerability Details

The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message.

Publish Date: 2017-10-29

URL: CVE-2017-16227

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-16227

Release Date: 2017-10-29

Fix Resolution: 1.2.2

CVE-2012-0249 ### Vulnerable Library - quaggaquagga-0.99.24.1

quagga

Library home page: https://git.savannah.gnu.org/cgit/quagga.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/quagga/ospfd/ospf_packet.h /release/src/router/quagga/ospfd/ospf_packet.h /release/src/router/quagga/ospfd/ospf_packet.h

### Vulnerability Details

Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.

Publish Date: 2012-04-05

URL: CVE-2012-0249

### CVSS 3 Score Details (4.3)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: Low

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0249

Release Date: 2012-04-05

Fix Resolution: 0.99.20.1

CVE-2012-0250 ### Vulnerable Library - quaggaquagga-0.99.24.1

quagga

Library home page: https://git.savannah.gnu.org/cgit/quagga.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/quagga/ospfd/ospf_packet.h /release/src/router/quagga/ospfd/ospf_packet.h /release/src/router/quagga/ospfd/ospf_packet.h

### Vulnerability Details

Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.

Publish Date: 2012-04-05

URL: CVE-2012-0250

### CVSS 3 Score Details (4.3)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: Low

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0249

Release Date: 2012-04-05

Fix Resolution: 0.99.20.1

mend-for-github-com[bot] commented 1 year ago

:information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #67

mend-for-github-com[bot] commented 1 year ago

:information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #67