Summary: | <net-misc/quagga-0.99.17: Multiple Vulnerabilities (CVE-2010-{2948,2949}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Tim Sammut (RETIRED) <underling> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | flameeyes, mrness |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B1 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 311865 | ||
Bug Blocks: |
Description
Tim Sammut (RETIRED)
2010-08-24 15:50:20 UTC
CVEs assigned. A, Stack buffer overflow by processing certain Route-Refresh messages CVE-2010-2948 B, DoS (crash) while processing certain BGP update AS path messages CVE-2010-2949 I'll be taking care of the bump; please give me a bit more time though because I actually want to give it a bit of lifting. CVE-2010-2948 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2948): Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF) record in a BGP ROUTE-REFRESH (RR) message. CVE-2010-2949 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2949): bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message. (In reply to comment #2) > I'll be taking care of the bump; please give me a bit more time though because > I actually want to give it a bit of lifting. > Hi, Diego. How is you testing going? Should we move forward with stabilization? thanks! t Sorry, I forgot to advise here; I've been running 0.99.17 on my home router for a while and all the bugs reported have been fixed, so it's fine for me to mark 0.99.17-r2 stable. Thanks! Arches, please test and mark stable: =net-misc/quagga-0.99.17-r2 Target keywords : "alpha amd64 arm hppa ppc s390 sparc x86" Stable on alpha. x86 stable amd64 done arm/s390/sparc stable Stable for HPPA PPC. Thanks, folks. GLSA request filed. This issue was resolved and addressed in GLSA 201202-02 at http://security.gentoo.org/glsa/glsa-201202-02.xml by GLSA coordinator Tim Sammut (underling). |