Quagga BGPD Local Denial Of Service Vulnerability

Bugtraq ID:	17979
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2006-2276
Remote:	No
Local:	Yes
Published:	May 15 2006 12:00AM
Updated:	Nov 29 2006 09:30PM
Credit:	This issue was disclosed by Fredrik Widell.
Vulnerable:	Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 5.0 4 powerpc Ubuntu Ubuntu Linux 5.0 4 i386 Ubuntu Ubuntu Linux 5.0 4 amd64 Trustix Secure Linux 3.0 SGI ProPack 3.0 SP6 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux WS 3 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux ES 3 Redhat Enterprise Linux AS 4 Redhat Enterprise Linux AS 3 Redhat Enterprise Linux AS 2.1 IA64 Redhat Enterprise Linux AS 2.1 Redhat Desktop 4.0 Redhat Desktop 3.0 Redhat Advanced Workstation for the Itanium Processor 2.1 IA64 Redhat Advanced Workstation for the Itanium Processor 2.1 Quagga Quagga Routing Software Suite 0.98.3 Gentoo Linux Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1
Not Vulnerable:	Quagga Quagga Routing Software Suite 0.98.6

Quagga BGPD Local Denial Of Service Vulnerability

Quagga is prone to a local denial-of-service vulnerability.

An attacker can exploit this issue by using commands that cause the consumption of a large amount of CPU resources.

An attacker may cause the application to crash, thus denying service to legitimate users.

Version 0.98.3 is vulnerable; other versions may also be affected.

Quagga BGPD Local Denial Of Service Vulnerability

Attackers can use a telnet client application to exploit this issue locally.

Quagga BGPD Local Denial Of Service Vulnerability

Solution:
The vendor has released version 0.98.6 to address this issue.

Please see the referenced vendor advisories for information on obtaining and applying fixes.


Quagga Quagga Routing Software Suite 0.98.3

• Debian quagga_0.98.3-7.2_alpha.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_alpha.deb


• Debian quagga_0.98.3-7.2_amd64.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_amd64.deb


• Debian quagga_0.98.3-7.2_arm.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_arm.deb


• Debian quagga_0.98.3-7.2_hppa.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_hppa.deb


• Debian quagga_0.98.3-7.2_i386.deb7.2_arm.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.http ://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_i3 86.deb7.2_arm.deb


• Debian quagga_0.98.3-7.2_ia64.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_ia64.deb


• Debian quagga_0.98.3-7.2_m68k.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_m68k.deb


• Debian quagga_0.98.3-7.2_mips.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_mips.deb


• Debian quagga_0.98.3-7.2_mipsel.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_mipsel.deb


• Debian quagga_0.98.3-7.2_powerpc.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_powerpc.deb


• Debian quagga_0.98.3-7.2_s390.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_s390.deb


• Debian quagga_0.98.3-7.2_sparc.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_sparc.deb


• Quagga quagga-0.98.6.tar.gz
  http://www.quagga.net/download/quagga-0.98.6.tar.gz

Quagga BGPD Local Denial Of Service Vulnerability

References:

• [quagga-dev 4051] quagga locks with command sh ip bgp community 1:* (Fredrik Widell)
  
• Quagga Software Suite Homepage (Quagga)
  
• RHSA-2006:0525-5 - quagga security update (RedHat)
  
• RHSA-2006:0533-4 - zebra security update (RedHat)