Vulnerability CVE-2007-1995 - CERT Civis.Net

Vulnerability Name:

CVE-2007-1995 (CCN-33547)

Assigned:

2007-04-08

Published:

2007-04-08

Updated:

2017-10-11

Summary:

bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

6.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C)
4.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: CCN
Type: Quagga Bugzilla Bug 354
bgpd vulnerable to DoS by configured peers

Source: CONFIRM
Type: UNKNOWN
http://bugzilla.quagga.net/show_bug.cgi?id=354

Source: CONFIRM
Type: UNKNOWN
http://bugzilla.quagga.net/show_bug.cgi?id=355

Source: MITRE
Type: CNA
CVE-2007-1995

Source: CCN
Type: RHSA-2007-0389
Moderate: quagga security update

Source: CCN
Type: SA24808
Quagga "reachable/unreachable" NLRI Attributes Denial of Service

Source: SECUNIA
Type: Vendor Advisory
24808

Source: SECUNIA
Type: Vendor Advisory
25084

Source: SECUNIA
Type: Vendor Advisory
25119

Source: SECUNIA
Type: Vendor Advisory
25255

Source: SECUNIA
Type: Vendor Advisory
25293

Source: SECUNIA
Type: Vendor Advisory
25312

Source: SECUNIA
Type: Vendor Advisory
25428

Source: CCN
Type: SA29743
Sun Solaris Quagga Multiple Denial of Service Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
29743

Source: GENTOO
Type: UNKNOWN
GLSA-200705-05

Source: CCN
Type: SECTRACK ID: 1018142
Quagga bgpd Server Can Be Crashed By Remote Users

Source: SUNALERT
Type: UNKNOWN
236141

Source: CCN
Type: Sun Alert ID: 236141
Security Vulnerabilities in the GNU Zebra and Quagga BGP Routing Daemon May Allow for Denial of Service

Source: CCN
Type: ASA-2007-216
quagga security update (RHSA-2007-0389)

Source: CCN
Type: ASA-2008-176
Security Vulnerabilities in the GNU Zebra and Quagga BGP Routing Daemon May Allow for Denial of Service (Sun 236141)

Source: DEBIAN
Type: UNKNOWN
DSA-1293

Source: DEBIAN
Type: DSA-1293
quagga -- out of boundary read

Source: CCN
Type: GLSA-200705-05
Quagga: Denial of Service

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:096

Source: SUSE
Type: UNKNOWN
SUSE-SR:2007:009

Source: CCN
Type: OpenPKG-SA-2007.015
Quagga

Source: OPENPKG
Type: UNKNOWN
OpenPKG-SA-2007.015

Source: CCN
Type: Quagga Web site
Quagga Software Routing Suite

Source: CONFIRM
Type: UNKNOWN
http://www.quagga.net/news2.php?y=2007&m=4&d=8#id1176073740

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0389

Source: BID
Type: UNKNOWN
23417

Source: CCN
Type: BID-23417
Quagga BGPD UPDATE Message Remote Denial Of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1018142

Source: TRUSTIX
Type: UNKNOWN
2007-0017

Source: CCN
Type: USN-461-1
Quagga vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-461-1

Source: VUPEN
Type: Vendor Advisory
ADV-2007-1336

Source: VUPEN
Type: Vendor Advisory
ADV-2008-1195

Source: XF
Type: UNKNOWN
quagga-bgpattributes-dos(33547)

Source: XF
Type: UNKNOWN
quagga-bgpattributes-dos(33547)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11048

Vulnerable Configuration:

Configuration 1:

cpe:/a:quagga:quagga:0.95:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.96:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.96.1:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.96.2:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.96.3:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.96.4:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.96.5:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.97.0:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.97.1:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.97.2:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.97.3:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.97.4:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.97.5:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.98.0:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.98.1:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.98.2:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.98.3:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.98.4:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:0.98.5:*:*:*:*:*:*:*

OR cpe:/a:quagga:quagga:*:*:*:*:*:*:*:* (Version <= 0.98.6)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:quagga:quagga:-:*:*:*:*:*:*:*

AND

cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*

OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*

OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z::es:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20071995	V	CVE-2007-1995	2022-06-30
oval:org.opensuse.security:def:42432	P	Security update for libeconf, shadow and util-linux (Moderate)	2022-04-19
oval:org.opensuse.security:def:112629	P	libfpm_pb0-1.2.4-2.14 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31752	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:31751	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:31321	P	Security update for glib-networking (Important)	2021-12-13
oval:org.opensuse.security:def:42223	P	Security update for glibc (Moderate)	2021-12-08
oval:org.opensuse.security:def:26178	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:31713	P	Security update for clamav (Moderate)	2021-12-01
oval:org.opensuse.security:def:26176	P	Security update for speex (Moderate)	2021-12-01
oval:org.opensuse.security:def:31709	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:31295	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:26151	P	Security update for python3 (Moderate)	2021-10-20
oval:org.opensuse.security:def:32206	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:32205	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:31283	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:26142	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:106111	P	libfpm_pb0-1.2.4-2.14 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:26119	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:26114	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:32988	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:26103	P	Security update for the Linux Kernel (Important)	2021-08-10
oval:org.opensuse.security:def:26102	P	Security update for php72 (Important)	2021-08-06
oval:org.opensuse.security:def:26098	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:32157	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:31650	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:32949	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:32118	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:36285	P	quagga-0.99.15-0.14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36553	P	quagga-0.99.15-0.14.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42692	P	quagga-0.99.15-0.14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32103	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:31189	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:32101	P	Security update for libwebp (Critical)	2021-06-02
oval:org.opensuse.security:def:26038	P	Security update for curl (Moderate)	2021-04-28
oval:org.opensuse.security:def:32059	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32061	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:31369	P	Security update for MozillaFirefox (Important)	2021-03-31
oval:org.opensuse.security:def:26204	P	Security update for freeradius-server (Low)	2021-03-04
oval:org.opensuse.security:def:31737	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:32267	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:32245	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:31284	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:26084	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:26045	P	Security update for gimp (Moderate)	2021-01-04
oval:org.opensuse.security:def:36025	P	quagga-0.99.15-0.12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35635	P	quagga-0.99.15-0.1.55 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35816	P	quagga-0.99.15-0.6.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42042	P	quagga-0.99.15-0.1.55 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31557	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:25859	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26834	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26306	P	Security update for python-Jinja2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25763	P	Security Update for Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31857	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:27023	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25366	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:26000	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:27516	P	mozilla-nspr-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31763	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26444	P	Security update for mumble (Moderate)	2020-12-01
oval:org.opensuse.security:def:25865	P	Security update for pcre (Moderate)	2020-12-01
oval:org.opensuse.security:def:25378	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:31593	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:32527	P	gtk2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25835	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31969	P	Security update for ipsec-tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:26679	P	cron on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25918	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32780	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31103	P	Security update for kernel-source (Important)	2020-12-01
oval:org.opensuse.security:def:25570	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:26292	P	Security update for the Linux Kernel (Moderate)	2020-12-01
oval:org.opensuse.security:def:33209	P	mutt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25910	P	Security update for gstreamer-0_10-plugins-base (Low)	2020-12-01
oval:org.opensuse.security:def:26781	P	mailman on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26780	P	lvm2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31115	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25708	P	Security update for mariadb-100 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31949	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:26610	P	log4net on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31492	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:32361	P	Security update for strongswan (Important)	2020-12-01
oval:org.opensuse.security:def:31879	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25187	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:25943	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32037	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27283	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25574	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:31577	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:26260	P	Security update for Mesa (Moderate)	2020-12-01
oval:org.opensuse.security:def:32466	P	Security update for xorg-x11-libs (Moderate)	2020-12-01
oval:org.opensuse.security:def:32561	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25262	P	Security update for spamassassin (Important)	2020-12-01
oval:org.opensuse.security:def:31470	P	Security update for ppp	2020-12-01
oval:org.opensuse.security:def:32311	P	Security update for quagga (Moderate)	2020-12-01
oval:org.opensuse.security:def:25586	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:31801	P	security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:26464	P	Security update for enigmail (Moderate)	2020-12-01
oval:org.opensuse.security:def:25962	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:25471	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25778	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:31945	P	Security update for gnutls (Important)	2020-12-01
oval:org.opensuse.security:def:26552	P	g3utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26635	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25612	P	Security update for shim (Moderate)	2020-12-01
oval:org.opensuse.security:def:31818	P	Security update for audiofile (Moderate)	2020-12-01
oval:org.opensuse.security:def:26988	P	mailman on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25916	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26878	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26387	P	Security update for ffmpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:25816	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25367	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:31501	P	Security update for python-pycrypto (Important)	2020-12-01
oval:org.opensuse.security:def:27551	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25834	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31837	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:26528	P	bzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25904	P	Security update for gegl (Moderate)	2020-12-01
oval:org.opensuse.security:def:32741	P	libzip1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25442	P	Security update for libcaca (Moderate)	2020-12-01
oval:org.opensuse.security:def:26253	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32571	P	libvirt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25846	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:26732	P	kvm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31104	P	Security update for the SUSE Linux Enterprise 11 SP3 Kernel for Teradata (Important)	2020-12-01
oval:org.opensuse.security:def:25651	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:31893	P	Security update for expat (Moderate)	2020-12-01
oval:org.opensuse.security:def:26566	P	ipsec-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33248	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31491	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:26820	P	squid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26815	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25186	P	Security update for ruby2.1 (Important)	2020-12-01
oval:org.opensuse.security:def:25792	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:31998	P	Security update for jpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:27248	P	nfs-client on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31503	P	Security update for python27 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32417	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:31923	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:25198	P	Security update for perl (Important)	2020-12-01
oval:org.opensuse.security:def:31413	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:25996	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:25575	P	Security update for libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:26411	P	Security update for go (Moderate)	2020-12-01
oval:org.opensuse.security:def:32505	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32600	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25390	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:25650	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:31858	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:26513	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26600	P	librpcsecgss on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25528	P	Security update for texlive (Moderate)	2020-12-01
oval:org.opensuse.security:def:31769	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26350	P	Security update for ansible (Moderate)	2020-12-01
oval:org.mitre.oval:def:20362	P	DSA-1293-1 quagga	2014-06-23
oval:org.mitre.oval:def:22441	P	ELSA-2007:0389: quagga security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:11048	V	bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.	2013-04-29
oval:com.redhat.rhsa:def:20070389	P	RHSA-2007:0389: quagga security update (Moderate)	2007-05-30
oval:org.debian:def:1293	V	out of boundary read	2007-05-17