CVE-2007-1995 in Quaggainformazioni

Riassunto

di MITRE

bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

11/04/2007

Divulgazione

12/04/2007

Moderazione

accettato

Voce

VDB-36137

CPE

pronto

CWE

CWE-20 (confermato)

CVSS

6.5 (VulDB)

EPSS

0.01740

KEV

Attività

molto basso

Settore

Hospital, Police, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-1995
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-1995
CVE Details	https://www.cvedetails.com/cve/CVE-2007-1995/

◂ Precedente Visione D'ensemble Il prossimo ▸

Interested in the pricing of exploits?

See the underground prices here!