CVE-2012-1820

The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.

Published: Jun 13, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-1820
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.9
AV:A/AC:M/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
quagga / quagga	0.99.11	0.99.11.x
quagga / quagga	0.99.2	0.99.2.x
quagga / quagga	0.97.5	0.97.5.x
quagga / quagga	0.95	0.95.x
quagga / quagga	0.98.3	0.98.3.x
quagga / quagga	0.96.3	0.96.3.x
quagga / quagga	0.99.4	0.99.4.x
quagga / quagga	0.99.18	0.99.18.x
quagga / quagga	0.99.7	0.99.7.x
quagga / quagga	0.99.14	0.99.14.x
quagga / quagga	0.99.19	0.99.19.x
quagga / quagga	0.99.5	0.99.5.x
quagga / quagga	0.96.5	0.96.5.x
quagga / quagga	0.98.0	0.98.0.x
quagga / quagga	0.99.16	0.99.16.x
quagga / quagga	0.96.1	0.96.1.x
quagga / quagga	0.98.1	0.98.1.x
quagga / quagga	0.96.4	0.96.4.x
quagga / quagga	0.98.5	0.98.5.x
quagga / quagga	0.97.3	0.97.3.x
quagga / quagga	0.99.17	0.99.17.x
quagga / quagga	0.99.3	0.99.3.x
quagga / quagga	0.99.13	0.99.13.x
quagga / quagga	0.99.6	0.99.6.x
quagga / quagga	0.98.6	0.98.6.x
quagga / quagga	0.97.4	0.97.4.x
quagga / quagga	0.98.4	0.98.4.x
quagga / quagga	0.99.12	0.99.12.x
quagga / quagga	0.98.2	0.98.2.x
quagga / quagga	0.97.1	0.97.1.x
quagga / quagga	0.97.0	0.97.0.x
quagga / quagga	0.96.2	0.96.2.x
quagga / quagga	0.99.9	0.99.9.x
quagga / quagga	0.99.1	0.99.1.x
quagga / quagga	0.97.2	0.97.2.x
quagga / quagga	0.99.20	0.99.20.x
quagga / quagga	0.99.15	0.99.15.x
quagga / quagga	0.99.10	0.99.10.x
quagga / quagga	0.99.8	0.99.8.x
quagga / quagga	-	0.99.20.1.x
quagga / quagga	0.96	0.96.x

Vulnerability Database

289,697

CVE-2012-1820