Total vulnerabilities in the database
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
| Software | From | Fixed in |
|---|---|---|
| quagga / quagga | 0.95 | 0.95.x |
| gnu / zebra | 0.92a | 0.92a.x |
| quagga / quagga | 0.96.1 | 0.96.1.x |
| sgi / propack | 2.2.1 | 2.2.1.x |
| gnu / zebra | 0.93b | 0.93b.x |
| sgi / propack | 2.3 | 2.3.x |
| gnu / zebra | 0.91a | 0.91a.x |
| quagga / quagga | - | 0.96.3.x |
| quagga / quagga | 0.96.2 | 0.96.2.x |
| gnu / zebra | 0.93a | 0.93a.x |
| quagga / quagga | 0.96 | 0.96.x |