Summary: | <net-misc/quagga-0.99.21: Multiple Vulnerabilities (CVE-2012-{0249,0250,0255,1820}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | asl, chainsaw, flameeyes, gentoo, jason, mrness, pinkbyte |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://secunia.com/advisories/48388/ | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 446289, 446346 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2012-03-16 15:58:49 UTC
CVE-2012-0255 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0255): The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability). CVE-2012-0250 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0250): Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. CVE-2012-0249 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0249): Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header. CVE-2012-1820 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1820): The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message. 0.99.21 is in tree now. Arches, please test and mark stable =net-misc/quagga-0.99.21 Target keywords: alpha amd64 arm hppa ppc s390 sparc x86 Please get rid of USE=logrotate (see bug #198901). (In reply to comment #4) > Please get rid of USE=logrotate (see bug #198901). Fixed that. Stable for HPPA. since there are at least 2 compile failures, I'm wondering on how hppa has tested it. amd64 stable x86 stable alpha/arm/s390/sparc stable ppc stable Thanks, everyone. GLSA vote: yes. GLSA Vote: yes, too. New GLSA request filed. This issue was resolved and addressed in GLSA 201310-08 at http://security.gentoo.org/glsa/glsa-201310-08.xml by GLSA coordinator Sean Amoss (ackle). |