CVE-2007-1995
Last modified
CVE-2007-1995 is a vulnerability of currently unknown severity. bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.. EPSS estimates a 1.74% chance of exploitation in the next 30 days.
Description
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Quagga | Quagga | <= 0.98.6 |
| Quagga | Quagga | 0.95 |
| Quagga | Quagga | 0.96 |
| Quagga | Quagga | 0.96.1 |
| Quagga | Quagga | 0.96.2 |
| Quagga | Quagga | 0.96.3 |
| Quagga | Quagga | 0.96.4 |
| Quagga | Quagga | 0.96.5 |
| Quagga | Quagga | 0.97.0 |
| Quagga | Quagga | 0.97.1 |
| Quagga | Quagga | 0.97.2 |
| Quagga | Quagga | 0.97.3 |
| Quagga | Quagga | 0.97.4 |
| Quagga | Quagga | 0.97.5 |
| Quagga | Quagga | 0.98.0 |
| Quagga | Quagga | 0.98.1 |
| Quagga | Quagga | 0.98.2 |
| Quagga | Quagga | 0.98.3 |
| Quagga | Quagga | 0.98.4 |
| Quagga | Quagga | 0.98.5 |
References
- http://secunia.com/advisories/24808Vendor Advisory
- http://secunia.com/advisories/25084Vendor Advisory
- http://secunia.com/advisories/25119Vendor Advisory
- http://secunia.com/advisories/25255Vendor Advisory
- http://secunia.com/advisories/25293Vendor Advisory
- http://secunia.com/advisories/25312Vendor Advisory
- http://secunia.com/advisories/25428Vendor Advisory
- http://secunia.com/advisories/29743Vendor Advisory
- http://www.vupen.com/english/advisories/2007/1336Vendor Advisory
- http://www.vupen.com/english/advisories/2008/1195/referencesVendor Advisory
- http://secunia.com/advisories/24808Vendor Advisory
- http://secunia.com/advisories/25084Vendor Advisory
- http://secunia.com/advisories/25119Vendor Advisory
- http://secunia.com/advisories/25255Vendor Advisory
- http://secunia.com/advisories/25293Vendor Advisory
- http://secunia.com/advisories/25312Vendor Advisory
- http://secunia.com/advisories/25428Vendor Advisory
- http://secunia.com/advisories/29743Vendor Advisory
- http://www.vupen.com/english/advisories/2007/1336Vendor Advisory
- http://www.vupen.com/english/advisories/2008/1195/referencesVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-1995?
How severe is CVE-2007-1995?
How do I fix CVE-2007-1995?
Are you affected by CVE-2007-1995?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST