ID CVE-2010-1674
Summary The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'
References
Vulnerable Configurations
  • cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:-:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:-:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 06-01-2018 - 02:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
rhsa
id RHSA-2012:1258
rpms
  • quagga-0:0.99.15-5.el6_0.2
  • quagga-contrib-0:0.99.15-5.el6_0.2
  • quagga-debuginfo-0:0.99.15-5.el6_0.2
  • quagga-devel-0:0.99.15-5.el6_0.2
  • quagga-0:0.98.6-7.el5_8.1
  • quagga-contrib-0:0.98.6-7.el5_8.1
  • quagga-debuginfo-0:0.98.6-7.el5_8.1
  • quagga-devel-0:0.98.6-7.el5_8.1
refmap via4
bid 46942
confirm
debian DSA-2197
gentoo GLSA-201202-02
mandriva MDVSA-2011:058
osvdb 71259
secunia
  • 43499
  • 43770
  • 48106
suse
  • SUSE-SR:2011:005
  • SUSE-SU-2011:1316
vupen ADV-2011-0711
xf quagga-community-dos(66211)
Last major update 06-01-2018 - 02:29
Published 29-03-2011 - 18:55
Last modified 06-01-2018 - 02:29
Back to Top