|Max CVSS||7.8||Min CVSS||2.9||Total Count||5|
|ID||CVSS||Summary||Last (major) update||Published|
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an
|19-02-2018 - 08:29||19-02-2018 - 08:29|
All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI
|26-01-2017 - 10:53||24-01-2017 - 02:59|
bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute.
|11-02-2014 - 23:19||29-03-2011 - 14:55|
The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering
|01-03-2013 - 23:40||13-06-2012 - 11:55|
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.
|18-01-2012 - 22:50||10-09-2010 - 15:00|