CVE-2009-1572

The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.

Published: May 6, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-1572
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
quagga / quagga	0.99.2	0.99.2.x
quagga / quagga	0.97.5	0.97.5.x
quagga / quagga	0.95	0.95.x
quagga / quagga	0.98.3	0.98.3.x
quagga / quagga	0.96.3	0.96.3.x
quagga / quagga	0.99.4	0.99.4.x
quagga / quagga	0.99.7	0.99.7.x
quagga / quagga	0.99.5	0.99.5.x
quagga / quagga	-	0.99.11.x
quagga / quagga	0.96.5	0.96.5.x
quagga / quagga	0.98.0	0.98.0.x
quagga / quagga	0.96.1	0.96.1.x
quagga / quagga	0.98.1	0.98.1.x
quagga / quagga	0.96.4	0.96.4.x
quagga / quagga	0.98.5	0.98.5.x
quagga / quagga	0.97.3	0.97.3.x
quagga / quagga	0.99.3	0.99.3.x
quagga / quagga	0.99.6	0.99.6.x
quagga / quagga	0.98.6	0.98.6.x
quagga / quagga	0.97.4	0.97.4.x
quagga / quagga	0.98.4	0.98.4.x
quagga / quagga	0.98.2	0.98.2.x
quagga / quagga	0.97.1	0.97.1.x
quagga / quagga	0.97.0	0.97.0.x
quagga / quagga	0.96.2	0.96.2.x
quagga / quagga	0.99.9	0.99.9.x
quagga / quagga	0.99.1	0.99.1.x
quagga / quagga	0.97.2	0.97.2.x
quagga / quagga	0.99.10	0.99.10.x
quagga / quagga	0.99.8	0.99.8.x
quagga / quagga	0.96	0.96.x

Vulnerability Database

289,697

CVE-2009-1572