CVE-2011-3327
Published 2011-10-10
Priority: P3 46 · high 7.5 · CVSS 2.0
CVSS vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 7.61% (93.8th percentile)
Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4.
Affected
38 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| quagga | quagga | <= 0.99.18 | — |
CVSS provenance
nvd · v2.0 · 7.5 HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat · 7.5 HIGH
vendor_ubuntu · 5.0 MEDIUM
Ubuntu
Quagga vulnerabilities
vendor_ubuntu·2011-11-14·CVSS 5.0
CVE-2011-3325 [MEDIUM] Quagga vulnerabilities
Summary: Quagga could be made to crash or run programs if it received specially
crafted network traffic.
Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga
incorrectly handled Link State Update messages with invalid lengths. A
remote attacker could use this flaw to cause Quagga to crash, resulting in
a denial of service. (CVE-2011-3323)
Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga
incorrectly handled certain IPv6 Database Description messages. A remote
attacker could use this flaw to cause Quagga to crash, resulting in a
denial of service. (CVE-2011-3324)
Riku Hietamäki, Tuomo Untinen and Jukka Taimisto discovered that Quagga
incorrectly handled certain IPv4 packets. A remote attacker could use this
flaw to c
Red Hat
(bgpd): Heap-based buffer overflow by decoding BGP UPDATE message with unknown AS_PATH attributes
vendor_redhat·2011-09-26·CVSS 7.5
CVE-2011-3327 [HIGH] CWE-122 (bgpd): Heap-based buffer overflow by decoding BGP UPDATE message with unknown AS_PATH attributes
Package: quagga (Red Hat Enterprise Linux 4) - Affected
GHSA
GHSA-3f8p-77gw-5f5c: Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity
ghsa_unreviewed·2022-05-14
CVE-2011-3327 [HIGH] CWE-119 GHSA-3f8p-77gw-5f5c: Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 quagga various flaws [fedora-all]
bugzilla·2011-09-26·CVSS 5.0
CVE-2011-3323 [MEDIUM] CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 quagga various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=738393
Please note
Bugzilla
CVE-2011-3327 Quagga (bgpd): Heap-based buffer overflow by decoding BGP UPDATE message with unknown AS_PATH attributes
bugzilla·2011-09-14·CVSS 7.5
CVE-2011-3327 [HIGH] CVE-2011-3327 Quagga (bgpd): Heap-based buffer overflow by decoding BGP UPDATE message with unknown AS_PATH attributes
A heap-based buffer overflow flaw was found in the way bgpd daemon of the Quagga routing suite processed BGP UPDATE messages containing unknown AS_PATH in Extended Communities Path Attribute. A configured BGP peer could use this flaw to cause the master BGP daemon (bgpd) to crash, or, potentially execute arbitrary code with the privileges of the user running bgpd.
Discussion:
This issue affects the versions of the quagga package, as shipped with Red Hat
Enterprise Linux 4, 5, and 6.
--
This issue affects the versions of the quagga package, as shipped with Fedora
release of 14 and 15.
---
Created attachment 523215
Upstream CVE-2011-3327 patch for Quagga-master branch
References
http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=94431dbc753171b48b5c6806af97fd690813b00a
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html
http://rhn.redhat.com/errata/RHSA-2012-1258.html
http://rhn.redhat.com/errata/RHSA-2012-1259.html
http://secunia.com/advisories/46139
http://secunia.com/advisories/46274
http://secunia.com/advisories/48106
http://security.gentoo.org/glsa/glsa-201202-02.xml
http://www.debian.org/security/2011/dsa-2316
http://www.kb.cert.org/vuls/id/668534
http://www.quagga.net/download/quagga-0.99.19.changelog.txt
https://bugzilla.redhat.com/show_bug.cgi?id=738400
https://www.cert.fi/en/reports/2011/vulnerability539178.html