Vulnerability Name:

CVE-2011-3323 (CCN-70099)

Assigned:2011-09-26
Published:2011-09-26
Updated:2018-01-06
Summary:The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length.
CVSS v3 Severity:7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
5.4 Medium (REDHAT CVSS v2 Vector: AV:A/AC:M/Au:N/C:P/I:P/A:P)
4.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:A/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
CWE-121
Vulnerability Consequences:Gain Access
References:Source: CONFIRM
Type: Patch
http://code.quagga.net/?p=quagga.git;a=commit;h=abc7ef44ca05493500865ce81f7b84f5c4eb6594

Source: MITRE
Type: CNA
CVE-2011-3323

Source: SUSE
Type: UNKNOWN
SUSE-SU-2011:1075

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2011:1155

Source: SUSE
Type: UNKNOWN
SUSE-SU-2011:1171

Source: SUSE
Type: UNKNOWN
SUSE-SU-2011:1316

Source: CCN
Type: RHSA-2012-1258
Moderate: quagga security update

Source: REDHAT
Type: UNKNOWN
RHSA-2012:1258

Source: CCN
Type: RHSA-2012-1259
Moderate: quagga security update

Source: REDHAT
Type: UNKNOWN
RHSA-2012:1259

Source: CCN
Type: SA46139
Quagga Multiple Denial of Service Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
46139

Source: SECUNIA
Type: UNKNOWN
46274

Source: SECUNIA
Type: UNKNOWN
48106

Source: GENTOO
Type: UNKNOWN
GLSA-201202-02

Source: DEBIAN
Type: UNKNOWN
DSA-2316

Source: DEBIAN
Type: DSA-2316
quagga -- several vulnerabilities

Source: CCN
Type: US-CERT VU#668534
Multiple Quagga remote component vulnerabilities

Source: CERT-VN
Type: US Government Resource
VU#668534

Source: CCN
Type: OSVDB ID: 75728
Quagga ospf6d Linkstate Message Parsing Remote IPv6 DoS

Source: CONFIRM
Type: UNKNOWN
http://www.quagga.net/download/quagga-0.99.19.changelog.txt

Source: CCN
Type: Quagga Web site
Quagga 0.99.19 Released

Source: CCN
Type: BID-49784
Quagga Multiple Remote Security Vulnerabilities

Source: XF
Type: UNKNOWN
quagga-ospf6d-linkstate-bo(70099)

Source: MISC
Type: UNKNOWN
https://www.cert.fi/en/reports/2011/vulnerability539178.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:quagga:quagga:0.95:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.0:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.0:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.6:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.8:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.9:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.10:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.11:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.12:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.13:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.14:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.15:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.16:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.17:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:*:*:*:*:*:*:*:* (Version <= 0.99.18)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.11:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.16:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.17:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.8:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.9:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.6:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.15:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20113323
    V
    		CVE-2011-3323
    2022-05-20
    oval:org.mitre.oval:def:15222
    P
    		USN-1261-1 -- Quagga vulnerabilities
    2014-07-07
    oval:org.mitre.oval:def:15155
    P
    		DSA-2316-1 quagga -- several
    2014-06-23
    oval:org.mitre.oval:def:23882
    P
    		ELSA-2012:1259: quagga security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:23395
    P
    		ELSA-2012:1258: quagga security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21278
    P
    		RHSA-2012:1259: quagga security update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:21326
    P
    		RHSA-2012:1258: quagga security update (Moderate)
    2014-02-24
    oval:com.redhat.rhsa:def:20121258
    P
    		RHSA-2012:1258: quagga security update (Moderate)
    2012-09-12
    oval:com.redhat.rhsa:def:20121259
    P
    		RHSA-2012:1259: quagga security update (Moderate)
    2012-09-12
    BACK
    quagga quagga 0.95
    quagga quagga 0.96
    quagga quagga 0.96.1
    quagga quagga 0.96.2
    quagga quagga 0.96.3
    quagga quagga 0.96.4
    quagga quagga 0.96.5
    quagga quagga 0.97.0
    quagga quagga 0.97.1
    quagga quagga 0.97.2
    quagga quagga 0.97.3
    quagga quagga 0.97.4
    quagga quagga 0.97.5
    quagga quagga 0.98.0
    quagga quagga 0.98.1
    quagga quagga 0.98.2
    quagga quagga 0.98.3
    quagga quagga 0.98.4
    quagga quagga 0.98.5
    quagga quagga 0.98.6
    quagga quagga 0.99.1
    quagga quagga 0.99.2
    quagga quagga 0.99.3
    quagga quagga 0.99.4
    quagga quagga 0.99.5
    quagga quagga 0.99.6
    quagga quagga 0.99.7
    quagga quagga 0.99.8
    quagga quagga 0.99.9
    quagga quagga 0.99.10
    quagga quagga 0.99.11
    quagga quagga 0.99.12
    quagga quagga 0.99.13
    quagga quagga 0.99.14
    quagga quagga 0.99.15
    quagga quagga 0.99.16
    quagga quagga 0.99.17
    quagga quagga *
    quagga quagga 0.98.5
    quagga quagga 0.99.3
    quagga quagga 0.98.3
    quagga quagga 0.99.11
    quagga quagga 0.99.16
    quagga quagga 0.99.17
    quagga quagga 0.99.4
    quagga quagga 0.99.5
    quagga quagga 0.99.6
    quagga quagga 0.99.7
    quagga quagga 0.99.8
    quagga quagga 0.99.9
    quagga quagga 0.98.6
    quagga quagga 0.99.1
    quagga quagga 0.99.15
    quagga quagga 0.99.2
    quagga quagga 0.96.2
    quagga quagga 0.96.3
    quagga quagga 0.96.4
    quagga quagga 0.97.3
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 6
    redhat enterprise linux 6