Total vulnerabilities in the database
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.
| Software | From | Fixed in |
|---|---|---|
| quagga / quagga | 0.99.11 | 0.99.11.x |
| quagga / quagga | 0.99.2 | 0.99.2.x |
| quagga / quagga | 0.97.5 | 0.97.5.x |
| quagga / quagga | 0.95 | 0.95.x |
| quagga / quagga | 0.98.3 | 0.98.3.x |
| quagga / quagga | 0.96.3 | 0.96.3.x |
| quagga / quagga | 0.99.4 | 0.99.4.x |
| quagga / quagga | 0.99.7 | 0.99.7.x |
| quagga / quagga | 0.99.14 | 0.99.14.x |
| quagga / quagga | 0.99.5 | 0.99.5.x |
| quagga / quagga | 0.96.5 | 0.96.5.x |
| quagga / quagga | 0.98.0 | 0.98.0.x |
| quagga / quagga | - | 0.99.16.x |
| quagga / quagga | 0.96.1 | 0.96.1.x |
| quagga / quagga | 0.98.1 | 0.98.1.x |
| quagga / quagga | 0.96.4 | 0.96.4.x |
| quagga / quagga | 0.98.5 | 0.98.5.x |
| quagga / quagga | 0.97.3 | 0.97.3.x |
| quagga / quagga | 0.99.3 | 0.99.3.x |
| quagga / quagga | 0.99.13 | 0.99.13.x |
| quagga / quagga | 0.99.6 | 0.99.6.x |
| quagga / quagga | 0.98.6 | 0.98.6.x |
| quagga / quagga | 0.97.4 | 0.97.4.x |
| quagga / quagga | 0.98.4 | 0.98.4.x |
| quagga / quagga | 0.99.12 | 0.99.12.x |
| quagga / quagga | 0.98.2 | 0.98.2.x |
| quagga / quagga | 0.97.1 | 0.97.1.x |
| quagga / quagga | 0.97.0 | 0.97.0.x |
| quagga / quagga | 0.96.2 | 0.96.2.x |
| quagga / quagga | 0.99.9 | 0.99.9.x |
| quagga / quagga | 0.99.1 | 0.99.1.x |
| quagga / quagga | 0.97.2 | 0.97.2.x |
| quagga / quagga | 0.99.15 | 0.99.15.x |
| quagga / quagga | 0.99.10 | 0.99.10.x |
| quagga / quagga | 0.99.8 | 0.99.8.x |
| quagga / quagga | 0.96 | 0.96.x |