← back
CVE-2007-4826

CVE-2007-4826

EPSS 1.7%
bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://fedoranews.org/updates/FEDORA-2007-219.shtmlhttp://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00153.htmlhttp://quagga.net/news2.php?y=2007&m=9&d=7#id1189190760http://secunia.com/advisories/26744http://secunia.com/advisories/26829http://secunia.com/advisories/26863http://secunia.com/advisories/27049http://secunia.com/advisories/29743https://exchange.xforce.ibmcloud.com/vulnerabilities/36551http://sunsolve.sun.com/search/document.do?assetkey=1-26-236141-1http://www.debian.org/security/2007/dsa-1382http://www.mandriva.com/security/advisories?name=MDKSA-2007:182