Vulnerability Name:

CVE-2007-4826 (CCN-36551)

Assigned:2007-09-07
Published:2007-09-07
Updated:2017-07-29
Summary:bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference.
Note: vector 2 only exists when debugging is enabled.
CVSS v3 Severity:4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P)
2.6 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
6.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C)
4.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
3.3 Low (REDHAT CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P)
2.4 Low (REDHAT Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2007-4826

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-2196

Source: MLIST
Type: UNKNOWN
[debian-security-announce] 20071003 [SECURITY] [DSA 1379-1] New quagga packages fix denial of service

Source: CONFIRM
Type: Patch
http://quagga.net/news2.php?y=2007&m=9&d=7#id1189190760

Source: CCN
Type: RHSA-2010-0785
Moderate: quagga security update

Source: CCN
Type: SA26744
Quagga Multiple Denial of Service Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
26744

Source: SECUNIA
Type: Vendor Advisory
26829

Source: SECUNIA
Type: Vendor Advisory
26863

Source: SECUNIA
Type: Vendor Advisory
27049

Source: CCN
Type: SA29743
Sun Solaris Quagga Multiple Denial of Service Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
29743

Source: SUNALERT
Type: UNKNOWN
236141

Source: CCN
Type: Sun Alert ID: 236141
Security Vulnerabilities in the GNU Zebra and Quagga BGP Routing Daemon May Allow for Denial of Service

Source: CCN
Type: ASA-2008-176
Security Vulnerabilities in the GNU Zebra and Quagga BGP Routing Daemon May Allow for Denial of Service (Sun 236141)

Source: DEBIAN
Type: UNKNOWN
DSA-1382

Source: DEBIAN
Type: DSA-1382
quagga -- null pointer dereference

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:182

Source: CCN
Type: OSVDB ID: 40493
Quagga bgpd Malformed OPEN Message Handling DoS

Source: CCN
Type: OSVDB ID: 40494
Quagga bgpd Malformed COMMUNITY Attribute Handling DoS

Source: CONFIRM
Type: UNKNOWN
http://www.quagga.net/download/quagga-0.99.9.changelog.txt

Source: CCN
Type: Quagga Software Routing Suite Web site
2007-09-07: Quagga 0.99.9 Released - bgpd: Low impact DoS (Mu Security)

Source: REDHAT
Type: UNKNOWN
RHSA-2010:0785

Source: BID
Type: Patch
25634

Source: CCN
Type: BID-25634
Quagga Routing Suite Multiple Denial Of Service Vulnerabilities

Source: TRUSTIX
Type: UNKNOWN
2007-0028

Source: CCN
Type: USN-512-1
Quagga vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-512-1

Source: VUPEN
Type: Vendor Advisory
ADV-2007-3129

Source: VUPEN
Type: Vendor Advisory
ADV-2008-1195

Source: XF
Type: UNKNOWN
quagga-bgpd-dos(36551)

Source: XF
Type: UNKNOWN
quagga-bgpd-dos(36551)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:quagga:quagga:0.95:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.0:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.0:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.6:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:*:*:*:*:*:*:*:* (Version <= 0.99.8)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:17555
    P
    		USN-512-1 -- quagga vulnerability
    2014-06-30
    oval:org.mitre.oval:def:20392
    P
    		DSA-1382-1 quagga
    2014-06-23
    oval:org.mitre.oval:def:22922
    P
    		ELSA-2010:0785: quagga security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:22296
    P
    		RHSA-2010:0785: quagga security update (Moderate)
    2014-02-24
    oval:com.redhat.rhsa:def:20100785
    P
    		RHSA-2010:0785: quagga security update (Moderate)
    2010-10-20
    oval:org.debian:def:1382
    V
    		null pointer dereference
    2007-10-01
    BACK
    quagga quagga 0.95
    quagga quagga 0.96
    quagga quagga 0.96.1
    quagga quagga 0.96.2
    quagga quagga 0.96.3
    quagga quagga 0.96.4
    quagga quagga 0.96.5
    quagga quagga 0.97.0
    quagga quagga 0.97.1
    quagga quagga 0.97.2
    quagga quagga 0.97.3
    quagga quagga 0.97.4
    quagga quagga 0.97.5
    quagga quagga 0.98.0
    quagga quagga 0.98.1
    quagga quagga 0.98.2
    quagga quagga 0.98.3
    quagga quagga 0.98.4
    quagga quagga 0.98.5
    quagga quagga 0.98.6
    quagga quagga 0.99.1
    quagga quagga 0.99.2
    quagga quagga 0.99.3
    quagga quagga 0.99.4
    quagga quagga 0.99.5
    quagga quagga 0.99.6
    quagga quagga 0.99.7
    quagga quagga *