CVE-2013-2236

Published: 24/10/2013 | Updated: 07/11/2023
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
VMScore: 231
Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P

Vulnerability Summary

Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga prior to 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote malicious users to cause a denial of service (crash) via a large LSA.

Vulnerable Product

quagga quagga

quagga quagga 0.99.22

Vendor Advisories

Synopsis: Moderate: quagga security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for quagga is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base ...
Quagga could be made to crash or run programs if it received specially crafted network traffic ...
Debian Bug report logs - #726724 quagga: CVE-2013-2236. Package: quagga; Maintainer for quagga is Brett Parker <iDunno@sommitrealweird.co.uk>; Source for quagga is src:quagga. Reported by: Moritz Muehlenhoff <jmm@inutil.org>. Date: Fri, 18 Oct 2013 13:03:01 UTC. Severity: grave. Tags: patch, securit ...
Debian Bug report logs - #730513 CVE-2013-6051 - bgpd crash on valid BGP updates. Package: quagga; Maintainer for quagga is Brett Parker <iDunno@sommitrealweird.co.uk>; Source for quagga is src:quagga. Reported by: Christian Hammers <ch@debian.org>. Date: Mon, 25 Nov 2013 23:54:02 UTC. Severity: gr ...
Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP routing daemon. CVE-2013-2236: A buffer overflow was found in the OSPF API-server (exporting the LSDB and allowing announcement of Opaque-LSAs). CVE-2013-6051: bgpd could be crashed through BGP updates. This only affects Wheezy/stable. For the oldstable distribution (squ ...
A stack-based buffer overflow flaw was found in the way the Quagga OSPFD daemon handled LSA (link-state advertisement) packets. A remote attacker could use this flaw to crash the ospfd daemon, resulting in denial of service ...