Back to search
CVE-2009-1572
Published: May 6, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
54200
vdb-entry
x_refsource_OSVDB
35203
third-party-advisory
x_refsource_SECUNIA
34999
third-party-advisory
x_refsource_SECUNIA
MDVSA-2009:109
vendor-advisory
x_refsource_MANDRIVA
1022164
vdb-entry
x_refsource_SECTRACK
USN-775-1
vendor-advisory
x_refsource_UBUNTU
[oss-security] 20090501 CVE request (sort of): Quagga BGP crasher
mailing-list
x_refsource_MLIST
[quagga-dev] 20090203 [quagga-dev 6391] [PATCH] BGP 4-byte ASN bug fixes
mailing-list
x_refsource_MLIST
http://thread.gmane.org/gmane.network.quagga.devel/6513
x_refsource_MISC
DSA-1788
vendor-advisory
x_refsource_DEBIAN
quagga-systemnumber-dos(50317)
vdb-entry
x_refsource_XF
35685
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-5324
vendor-advisory
x_refsource_FEDORA
35061
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2009:012
vendor-advisory
x_refsource_SUSE
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311
x_refsource_CONFIRM
FEDORA-2009-5284
vendor-advisory
x_refsource_FEDORA
34817
vdb-entry
x_refsource_BID
[oss-security] 20090501 Re: CVE request (sort of): Quagga BGP crasher
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now