| Vulnerability Name: | CVE-2006-2276 (CCN-26528) | ||||||||||||||||
| Assigned: | 2006-03-29 | ||||||||||||||||
| Published: | 2006-03-29 | ||||||||||||||||
| Updated: | 2018-10-03 | ||||||||||||||||
| Summary: | bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface. | ||||||||||||||||
| CVSS v3 Severity: | 6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| ||||||||||||||||
| CVSS v2 Severity: | 4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
| ||||||||||||||||
| Vulnerability Type: | CWE-399 | ||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||
| References: | Source: SGI Type: UNKNOWN 20060602-01-U Source: MITRE Type: CNA CVE-2006-2276 Source: CCN Type: quagga-dev Mailing List, Wed Mar 29 14:31:45 IST 2006 quagga locks with command sh ip bgp community 1:* Source: MLIST Type: Exploit [quagga-dev] 20060329 quagga locks with command sh ip bgp community 1:* Source: CCN Type: RHSA-2006-0525 quagga security update Source: CCN Type: RHSA-2006-0533 zebra security update Source: CCN Type: SA20116 Quagga bgpd Denial of Service Vulnerability Source: SECUNIA Type: Vendor Advisory 20116 Source: SECUNIA Type: Vendor Advisory 20137 Source: SECUNIA Type: Vendor Advisory 20138 Source: SECUNIA Type: Vendor Advisory 20221 Source: SECUNIA Type: UNKNOWN 20420 Source: SECUNIA Type: Vendor Advisory 20421 Source: SECUNIA Type: Vendor Advisory 20782 Source: CCN Type: SECTRACK ID: 1016204 Quagga Bugs Let Remote Users Obtain or Modify Routing Information and Local Users Deny Service Source: SECTRACK Type: UNKNOWN 1016204 Source: CCN Type: ASA-2006-114 zebra security update (RHSA-2006-0533) Source: CCN Type: ASA-2006-115 quagga security update (RHSA-2006-0525) Source: DEBIAN Type: UNKNOWN DSA-1059 Source: DEBIAN Type: DSA-1059 quagga -- several vulnerabilities Source: CCN Type: GLSA-200605-15 Quagga Routing Suite: Multiple vulnerabilities Source: GENTOO Type: UNKNOWN GLSA-200605-15 Source: OSVDB Type: Exploit, Patch 25245 Source: CCN Type: OSVDB ID: 25245 Quagga bgpd Telnet Interface Local DoS Source: CCN Type: Quagga Web site Quagga Software Routing Suite Source: CCN Type: Quagga Routing Suite Download page Quagga Routing Suite Source: CCN Type: Quagga Software Routing Suite Web site 2006-05-04: 0.98.6 Release Candidate to address Security issues Source: CONFIRM Type: Patch http://www.quagga.net/news2.php?y=2006&m=5&d=4#id1146764580 Source: REDHAT Type: UNKNOWN RHSA-2006:0525 Source: REDHAT Type: UNKNOWN RHSA-2006:0533 Source: BID Type: UNKNOWN 17979 Source: CCN Type: BID-17979 Quagga BGPD Local Denial Of Service Vulnerability Source: CCN Type: USN-284-1 Quagga vulnerabilities Source: XF Type: UNKNOWN quagga-communitystr2com-dos(26528) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:10651 Source: UBUNTU Type: UNKNOWN USN-284-1 | ||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||
| Oval Definitions | |||||||||||||||||
| |||||||||||||||||
| BACK | |||||||||||||||||