Vulnerability Description
The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Quagga | Quagga | <= 0.99.20.1 |
References
- http://rhn.redhat.com/errata/RHSA-2012-1259.html
- http://secunia.com/advisories/50941
- http://www.debian.org/security/2012/dsa-2497
- http://www.kb.cert.org/vuls/id/962587
- http://www.securityfocus.com/bid/53775
- http://www.ubuntu.com/usn/USN-1605-1
FAQ
What is CVE-2012-1820?
CVE-2012-1820 is a vulnerability with a CVSS score of 2.9 (LOW). The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationshi...
How severe is CVE-2012-1820?
CVE-2012-1820 has been rated LOW with a CVSS base score of 2.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-1820?
Check the references section above for vendor advisories and patch information. Affected products include: Quagga Quagga.