Vulnerability Name:

CVE-2011-3324 (CCN-70100)

Assigned:2011-09-26
Published:2011-09-26
Updated:2018-01-06
Summary:The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
2.9 Low (REDHAT CVSS v2 Vector: AV:A/AC:M/Au:N/C:N/I:N/A:P)
2.1 Low (REDHAT Temporal CVSS v2 Vector: AV:A/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-399
Vulnerability Consequences:Denial of Service
References:Source: CONFIRM
Type: UNKNOWN
http://code.quagga.net/?p=quagga.git;a=commit;h=09395e2a0e93b2cf4258cb1de91887948796bb68

Source: MITRE
Type: CNA
CVE-2011-3324

Source: SUSE
Type: UNKNOWN
SUSE-SU-2011:1075

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2011:1155

Source: SUSE
Type: UNKNOWN
SUSE-SU-2011:1171

Source: SUSE
Type: UNKNOWN
SUSE-SU-2011:1316

Source: CCN
Type: RHSA-2012-1258
Moderate: quagga security update

Source: REDHAT
Type: UNKNOWN
RHSA-2012:1258

Source: CCN
Type: RHSA-2012-1259
Moderate: quagga security update

Source: REDHAT
Type: UNKNOWN
RHSA-2012:1259

Source: CCN
Type: SA46139
Quagga Multiple Denial of Service Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
46139

Source: SECUNIA
Type: UNKNOWN
46274

Source: SECUNIA
Type: UNKNOWN
48106

Source: GENTOO
Type: UNKNOWN
GLSA-201202-02

Source: DEBIAN
Type: UNKNOWN
DSA-2316

Source: DEBIAN
Type: DSA-2316
quagga -- several vulnerabilities

Source: CCN
Type: US-CERT VU#668534
Multiple Quagga remote component vulnerabilities

Source: CERT-VN
Type: US Government Resource
VU#668534

Source: CCN
Type: OSVDB ID: 75729
Quagga ospf6d Database Description Message Parsing Remote IPv6 DoS

Source: CONFIRM
Type: UNKNOWN
http://www.quagga.net/download/quagga-0.99.19.changelog.txt

Source: CCN
Type: Quagga Web site
Quagga 0.99.19 Released

Source: CCN
Type: BID-49784
Quagga Multiple Remote Security Vulnerabilities

Source: XF
Type: UNKNOWN
quagga-ospf6d-database-dos(70100)

Source: MISC
Type: UNKNOWN
https://www.cert.fi/en/reports/2011/vulnerability539178.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:quagga:quagga:0.95:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.0:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.0:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.6:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.8:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.9:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.10:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.11:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.12:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.13:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.14:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.15:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.16:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.17:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:*:*:*:*:*:*:*:* (Version <= 0.99.18)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:quagga:quagga:0.98.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.11:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.16:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.17:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.8:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.9:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.98.6:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.15:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.2:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.3:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.96.4:*:*:*:*:*:*:*
  • OR cpe:/a:quagga:quagga:0.97.3:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20113324
    V
    		CVE-2011-3324
    2022-05-20
    oval:org.mitre.oval:def:15222
    P
    		USN-1261-1 -- Quagga vulnerabilities
    2014-07-07
    oval:org.mitre.oval:def:15155
    P
    		DSA-2316-1 quagga -- several
    2014-06-23
    oval:org.mitre.oval:def:23882
    P
    		ELSA-2012:1259: quagga security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:23395
    P
    		ELSA-2012:1258: quagga security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21278
    P
    		RHSA-2012:1259: quagga security update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:21326
    P
    		RHSA-2012:1258: quagga security update (Moderate)
    2014-02-24
    oval:com.redhat.rhsa:def:20121258
    P
    		RHSA-2012:1258: quagga security update (Moderate)
    2012-09-12
    oval:com.redhat.rhsa:def:20121259
    P
    		RHSA-2012:1259: quagga security update (Moderate)
    2012-09-12
    BACK
    quagga quagga 0.95
    quagga quagga 0.96
    quagga quagga 0.96.1
    quagga quagga 0.96.2
    quagga quagga 0.96.3
    quagga quagga 0.96.4
    quagga quagga 0.96.5
    quagga quagga 0.97.0
    quagga quagga 0.97.1
    quagga quagga 0.97.2
    quagga quagga 0.97.3
    quagga quagga 0.97.4
    quagga quagga 0.97.5
    quagga quagga 0.98.0
    quagga quagga 0.98.1
    quagga quagga 0.98.2
    quagga quagga 0.98.3
    quagga quagga 0.98.4
    quagga quagga 0.98.5
    quagga quagga 0.98.6
    quagga quagga 0.99.1
    quagga quagga 0.99.2
    quagga quagga 0.99.3
    quagga quagga 0.99.4
    quagga quagga 0.99.5
    quagga quagga 0.99.6
    quagga quagga 0.99.7
    quagga quagga 0.99.8
    quagga quagga 0.99.9
    quagga quagga 0.99.10
    quagga quagga 0.99.11
    quagga quagga 0.99.12
    quagga quagga 0.99.13
    quagga quagga 0.99.14
    quagga quagga 0.99.15
    quagga quagga 0.99.16
    quagga quagga 0.99.17
    quagga quagga *
    quagga quagga 0.98.5
    quagga quagga 0.99.3
    quagga quagga 0.98.3
    quagga quagga 0.99.11
    quagga quagga 0.99.16
    quagga quagga 0.99.17
    quagga quagga 0.99.4
    quagga quagga 0.99.5
    quagga quagga 0.99.6
    quagga quagga 0.99.7
    quagga quagga 0.99.8
    quagga quagga 0.99.9
    quagga quagga 0.98.6
    quagga quagga 0.99.1
    quagga quagga 0.99.15
    quagga quagga 0.99.2
    quagga quagga 0.96.2
    quagga quagga 0.96.3
    quagga quagga 0.96.4
    quagga quagga 0.97.3
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 6
    redhat enterprise linux 6