Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2013-6051

Published: 14/12/2013 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The bgp_attr_unknown function in bgp_attr.c in Quagga 0.99.21 does not properly initialize the total variable, which allows remote malicious users to cause a denial of service (bgpd crash) via a crafted BGP update.

Vulnerable Product Search on Vulmon Subscribe to Product

quagga quagga 0.99.21

Vendor Advisories

Debian CVElist Bug Report Logs: quagga: CVE-2013-2236
Debian Bug report logs - #726724 quagga: CVE-2013-2236 Package: quagga; Maintainer for quagga is Brett Parker <iDunno@sommitrealweirdcouk>; Source for quagga is src:quagga (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Fri, 18 Oct 2013 13:03:01 UTC Severity: grave Tags: patch, securit ...
Debian CVElist Bug Report Logs: CVE-2013-6051 - bgpd crash on valid BGP updates
Debian Bug report logs - #730513 CVE-2013-6051 - bgpd crash on valid BGP updates Package: quagga; Maintainer for quagga is Brett Parker <iDunno@sommitrealweirdcouk>; Source for quagga is src:quagga (PTS, buildd, popcon) Reported by: Christian Hammers <ch@debianorg> Date: Mon, 25 Nov 2013 23:54:02 UTC Severity: gr ...
Debian Security Advisories: DSA-2803-1 quagga -- several vulnerabilities
Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP routing daemon: CVE-2013-2236 A buffer overflow was found in the OSPF API-server (exporting the LSDB and allowing announcement of Opaque-LSAs) CVE-2013-6051 bgpd could be crashed through BGP updates This only affects Wheezy/stable For the oldstable distribution (squ ...
Amazon Linux AMI: ALAS-2014-279
The bgp_attr_unknown function in bgp_attrc in Quagga 09921 does not properly initialize the total variable, which allows remote attackers to cause a denial of service (bgpd crash) via a crafted BGP update ...

References

NVD-CWE-noinfohttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730513http://www.debian.org/security/2013/dsa-2803http://git.savannah.gnu.org/gitweb/?p=quagga.git%3Ba=commitdiff%3Bh=8794e8d229dc9fe29ea31424883433d4880ef408https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726724https://www.debian.org/security/./dsa-2803
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248CVE-2024-3110CVE-2024-5552CVE-2024-29415HTML injectionCVE-2024-3095TCPtype confusionCVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook