FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

quagga -- Denial of Service

Affected packages
quagga < 0.99.11_3

Details

VuXML ID 2748fdde-3a3c-11de-bbc5-00e0815b8da8
Discovery 2009-05-04
Entry 2009-05-06
Modified 2009-05-07

Debian Security Team reports:

It was discovered that Quagga, an IP routing daemon, could no longer process the Internet routing table due to broken handling of multiple 4-byte AS numbers in an AS path. If such a prefix is received, the BGP daemon crashes with an assert failure leading to a denial of service.

References

Bugtraq ID 34656
CVE Name CVE-2009-1572
Message Pine.LNX.4.64.0904301931590.24373@nacho.alt.net