CVE-2012-5521 — MEDIUM (6.5)

Vulnerability Description

quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Quagga	Quagga	0.99.21
Debian	Debian Linux	8.0
Redhat	Enterprise Linux	5.0

Related Weaknesses (CWE)

CWE-617

References

http://www.openwall.com/lists/oss-security/2012/11/13/14Mailing ListThird Party Advisory
http://www.securityfocus.com/bid/56530Third Party AdvisoryVDB Entry
https://access.redhat.com/security/cve/cve-2012-5521Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5521Issue TrackingThird Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5521Issue TrackingThird Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/80096Third Party AdvisoryVDB Entry
https://security-tracker.debian.org/tracker/CVE-2012-5521Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/11/13/14Mailing ListThird Party Advisory
http://www.securityfocus.com/bid/56530Third Party AdvisoryVDB Entry
https://access.redhat.com/security/cve/cve-2012-5521Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5521Issue TrackingThird Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5521Issue TrackingThird Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/80096Third Party AdvisoryVDB Entry
https://security-tracker.debian.org/tracker/CVE-2012-5521Third Party Advisory

FAQ

What is CVE-2012-5521?

CVE-2012-5521 is a vulnerability with a CVSS score of 6.5 (MEDIUM). quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal

How severe is CVE-2012-5521?

CVE-2012-5521 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-5521?

Check the references section above for vendor advisories and patch information. Affected products include: Quagga Quagga, Debian Debian Linux, Redhat Enterprise Linux.