| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-2949 | 5.0 |
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.
|
13-02-2023 - 04:21 | 10-09-2010 - 19:00 | |
| CVE-2010-2948 | 6.5 |
Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Ou
|
13-02-2023 - 04:21 | 10-09-2010 - 19:00 | |
| CVE-2011-3324 | 5.0 |
The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Adver
|
06-01-2018 - 02:29 | 10-10-2011 - 10:55 | |
| CVE-2011-3326 | 5.0 |
The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an IPv4 Link State Update message.
|
06-01-2018 - 02:29 | 10-10-2011 - 10:55 | |
| CVE-2011-3327 | 7.5 |
Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE
|
06-01-2018 - 02:29 | 10-10-2011 - 10:55 | |
| CVE-2011-3323 | 5.0 |
The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length.
|
06-01-2018 - 02:29 | 10-10-2011 - 10:55 | |
| CVE-2011-3325 | 5.0 |
ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet.
|
06-01-2018 - 02:29 | 10-10-2011 - 10:55 | |
| CVE-2010-1675 | 5.0 |
bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute.
|
06-01-2018 - 02:29 | 29-03-2011 - 18:55 | |
| CVE-2010-1674 | 5.0 |
The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute. Per: http://cwe.mitre.org/data/defini
|
06-01-2018 - 02:29 | 29-03-2011 - 18:55 |