CVE-2012-1820

8 documents6 sources
Severity
2.9LOW
EPSS
0.2%
top 57.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Quagga Quagga
Timeline
PublishedJun 13
Latest updateMay 17

Description

The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.

CVSS vector

AV:A/AC:M/C:N/I:N/A:PExploitability: 5.5 | Impact: 2.9

Affected Packages1 packages

NVDquagga/quagga0.99.20.1+40

🔴Vulnerability Details

2
GHSA
GHSA-mgpv-2w6f-2v7h: The bgp_capability_orf function in bgpd in Quagga 02022-05-17
CVEList
CVE-2012-1820: The bgp_capability_orf function in bgpd in Quagga 02012-06-13

📋Vendor Advisories

2
Ubuntu
Quagga vulnerability2012-10-11
Red Hat
(bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV (VU#962587)2012-06-03

💬Community

2
Bugzilla
CVE-2012-1820 quagga (bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV (VU#962587) [fedora-all]2012-06-06
Bugzilla
CVE-2012-1820 quagga (bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV (VU#962587)2012-04-30
CVE-2012-1820 (LOW CVSS 2.9) | The bgp_capability_orf function in | cvebase.io