Quagga Routing Suite Multiple Denial Of Service Vulnerabilities

Bugtraq ID:	25634
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2007-4826
Remote:	Yes
Local:	No
Published:	Sep 11 2007 12:00AM
Updated:	Sep 13 2012 05:20PM
Credit:	The vendor credits Mu Security with the discovery of these vulnerabilities.
Vulnerable:	Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 Trustix Secure Linux 3.0.5 Trustix Secure Linux 3.0 Trustix Secure Linux 2.2 Sun Solaris 10_x86 Sun Solaris 10_sparc RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop version 4 Red Hat Fedora Core7 Red Hat Enterprise Linux Desktop 5 client Red Hat Enterprise Linux AS 4 Red Hat Enterprise Linux 5 Server Quagga Quagga Routing Software Suite 0.99.8 Quagga Quagga Routing Software Suite 0.99.7 Quagga Quagga Routing Software Suite 0.99.6 Quagga Quagga Routing Software Suite 0.99.5 Quagga Quagga Routing Software Suite 0.99.4 Quagga Quagga Routing Software Suite 0.99.3 Quagga Quagga Routing Software Suite 0.99.2 Quagga Quagga Routing Software Suite 0.99.1 Oracle Enterprise Linux 5 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 4.0 Avaya Interactive Response 2.0
Not Vulnerable:	Quagga Quagga Routing Software Suite 0.99.9

Quagga Routing Suite Multiple Denial Of Service Vulnerabilities

Quagga Routing Suite is prone to a multiple denial-of-service vulnerabilities.

An attacker can exploit these issues to crash the affected application, denying service to legitimate users.

These issues affect versions prior to Quagga Routing Suite 0.99.9.

Quagga Routing Suite Multiple Denial Of Service Vulnerabilities

An attacker can exploit these issues by using readily available network utilities.

Quagga Routing Suite Multiple Denial Of Service Vulnerabilities

Solution:
The vendor has released Quagga 0.99.9. Please see the references for more information.


Quagga Quagga Routing Software Suite 0.99.1

• Quagga quagga-0.99.9.tar.gz
  http://www.quagga.net/download/quagga-0.99.9.tar.gz

Quagga Quagga Routing Software Suite 0.99.2

• Quagga quagga-0.99.9.tar.gz
  http://www.quagga.net/download/quagga-0.99.9.tar.gz

Quagga Quagga Routing Software Suite 0.99.3

• Quagga quagga-0.99.9.tar.gz
  http://www.quagga.net/download/quagga-0.99.9.tar.gz

Quagga Quagga Routing Software Suite 0.99.4

• Quagga quagga-0.99.9.tar.gz
  http://www.quagga.net/download/quagga-0.99.9.tar.gz

Quagga Quagga Routing Software Suite 0.99.5

• Quagga quagga-0.99.9.tar.gz
  http://www.quagga.net/download/quagga-0.99.9.tar.gz

Quagga Quagga Routing Software Suite 0.99.6

• Quagga quagga-0.99.9.tar.gz
  http://www.quagga.net/download/quagga-0.99.9.tar.gz

Quagga Quagga Routing Software Suite 0.99.7

• Quagga quagga-0.99.9.tar.gz
  http://www.quagga.net/download/quagga-0.99.9.tar.gz

Quagga Quagga Routing Software Suite 0.99.8

• Quagga quagga-0.99.9.tar.gz
  http://www.quagga.net/download/quagga-0.99.9.tar.gz

Quagga Routing Suite Multiple Denial Of Service Vulnerabilities

References:

• Quagga Software Suite Changelog 0.99.9 (Quagga)
  
• Quagga Software Suite Homepage (Quagga)
  
• 236141 (Sun)
  
• Avaya Security Advisory ASA-2008-176 (Avaya)