ID CVE-2010-2949
Summary bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'
References
Vulnerable Configurations
  • cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:-:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:-:*:*:*:*:*:*:*
  • cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*
    cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 06-01-2018 - 02:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
bugzilla
id 626795
title CVE-2010-2949 Quagga (bgpd): DoS (crash) while processing certain BGP update AS path messages
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 6 Client is installed
      oval oval:com.redhat.rhba:tst:20111656001
    • comment Red Hat Enterprise Linux 6 Server is installed
      oval oval:com.redhat.rhba:tst:20111656002
    • comment Red Hat Enterprise Linux 6 Workstation is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • comment Red Hat Enterprise Linux 6 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20111656004
  • OR
    • AND
      • comment quagga is earlier than 0:0.99.15-5.el6_0.1
        oval oval:com.redhat.rhsa:tst:20100945005
      • comment quagga is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100945006
    • AND
      • comment quagga-contrib is earlier than 0:0.99.15-5.el6_0.1
        oval oval:com.redhat.rhsa:tst:20100945007
      • comment quagga-contrib is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100945008
    • AND
      • comment quagga-devel is earlier than 0:0.99.15-5.el6_0.1
        oval oval:com.redhat.rhsa:tst:20100945009
      • comment quagga-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100945010
rhsa
id RHSA-2010:0945
released 2010-12-06
severity Moderate
title RHSA-2010:0945: quagga security update (Moderate)
rpms
  • quagga-0:0.99.15-5.el6_0.1
  • quagga-contrib-0:0.99.15-5.el6_0.1
  • quagga-devel-0:0.99.15-5.el6_0.1
refmap via4
bid 42642
confirm
debian DSA-2104
gentoo GLSA-201202-02
mandriva MDVSA-2010:174
mlist
  • [oss-security] 20100824 CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request
  • [oss-security] 20100825 Re: CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request
secunia
  • 41038
  • 41238
  • 42397
  • 42446
  • 42498
  • 48106
suse
  • SUSE-SR:2010:022
  • SUSE-SU-2011:1316
ubuntu USN-1027-1
vupen
  • ADV-2010-2304
  • ADV-2010-3097
  • ADV-2010-3124
Last major update 06-01-2018 - 02:29
Published 10-09-2010 - 19:00
Back to Top