What is the severity of CVE-2010-1674?

CVE-2010-1674 is considered a high-severity vulnerability due to its potential to crash the bgpd daemon.

How do I fix CVE-2010-1674?

To mitigate CVE-2010-1674, update Quagga to a version greater than or equal to 0.99.17.

What systems are affected by CVE-2010-1674?

CVE-2010-1674 affects various versions of the Quagga Routing Software Suite up to and including version 0.99.16.

Can CVE-2010-1674 be exploited remotely?

Yes, CVE-2010-1674 can be exploited remotely via specially crafted BGP messages from a configured BGP peer.

What type of vulnerability is CVE-2010-1674?

CVE-2010-1674 is a NULL pointer dereference vulnerability related to malformed route information processing.

Vulnerability/
CVE-2010-1674

medium

CWE

NVD-CWE-Other 476

18/11/2010

29/3/2011

7/8/2024

CVE-2010-1674: Null Pointer Dereference

First published: Thu Nov 18 2010(Updated: )

A NULL pointer dereference flaw was found in the way Quagga bgpd daemon processed malformed route information. A configured BGP peer could crash bgpd on a target system via a BGP message with specially-crafted value of BGP Extended Communities attribute.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Quagga Routing Software Suite	<=0.99.17
Quagga Routing Software Suite	=0.95
Quagga Routing Software Suite	=0.96
Quagga Routing Software Suite	=0.96.1
Quagga Routing Software Suite	=0.96.2
Quagga Routing Software Suite	=0.96.3
Quagga Routing Software Suite	=0.96.4
Quagga Routing Software Suite	=0.96.5
Quagga Routing Software Suite	=0.97.0
Quagga Routing Software Suite	=0.97.1
Quagga Routing Software Suite	=0.97.2
Quagga Routing Software Suite	=0.97.3
Quagga Routing Software Suite	=0.97.4
Quagga Routing Software Suite	=0.97.5
Quagga Routing Software Suite	=0.98.0
Quagga Routing Software Suite	=0.98.1
Quagga Routing Software Suite	=0.98.2
Quagga Routing Software Suite	=0.98.3
Quagga Routing Software Suite	=0.98.4
Quagga Routing Software Suite	=0.98.5
Quagga Routing Software Suite	=0.98.6
Quagga Routing Software Suite	=0.99.1
Quagga Routing Software Suite	=0.99.2
Quagga Routing Software Suite	=0.99.3
Quagga Routing Software Suite	=0.99.4
Quagga Routing Software Suite	=0.99.5
Quagga Routing Software Suite	=0.99.6
Quagga Routing Software Suite	=0.99.7
Quagga Routing Software Suite	=0.99.8
Quagga Routing Software Suite	=0.99.9
Quagga Routing Software Suite	=0.99.10
Quagga Routing Software Suite	=0.99.11
Quagga Routing Software Suite	=0.99.12
Quagga Routing Software Suite	=0.99.13
Quagga Routing Software Suite	=0.99.14
Quagga Routing Software Suite	=0.99.15
Quagga Routing Software Suite	=0.99.16

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-1674?
CVE-2010-1674 is considered a high-severity vulnerability due to its potential to crash the bgpd daemon.
How do I fix CVE-2010-1674?
To mitigate CVE-2010-1674, update Quagga to a version greater than or equal to 0.99.17.
What systems are affected by CVE-2010-1674?
CVE-2010-1674 affects various versions of the Quagga Routing Software Suite up to and including version 0.99.16.
Can CVE-2010-1674 be exploited remotely?
Yes, CVE-2010-1674 can be exploited remotely via specially crafted BGP messages from a configured BGP peer.
What type of vulnerability is CVE-2010-1674?
CVE-2010-1674 is a NULL pointer dereference vulnerability related to malformed route information processing.

agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/last-modified-date
agent/author
agent/severity
agent/description
agent/event
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-1674
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/quagga
canonical/quagga routing software suite
version/quagga routing software suite/0.99.17
version/quagga routing software suite/0.95
version/quagga routing software suite/0.96
version/quagga routing software suite/0.96.1
version/quagga routing software suite/0.96.2
version/quagga routing software suite/0.96.3
version/quagga routing software suite/0.96.4
version/quagga routing software suite/0.96.5
version/quagga routing software suite/0.97.0
version/quagga routing software suite/0.97.1
version/quagga routing software suite/0.97.2
version/quagga routing software suite/0.97.3
version/quagga routing software suite/0.97.4
version/quagga routing software suite/0.97.5
version/quagga routing software suite/0.98.0
version/quagga routing software suite/0.98.1
version/quagga routing software suite/0.98.2
version/quagga routing software suite/0.98.3
version/quagga routing software suite/0.98.4
version/quagga routing software suite/0.98.5
version/quagga routing software suite/0.98.6
version/quagga routing software suite/0.99.1
version/quagga routing software suite/0.99.2
version/quagga routing software suite/0.99.3
version/quagga routing software suite/0.99.4
version/quagga routing software suite/0.99.5
version/quagga routing software suite/0.99.6
version/quagga routing software suite/0.99.7
version/quagga routing software suite/0.99.8
version/quagga routing software suite/0.99.9
version/quagga routing software suite/0.99.10
version/quagga routing software suite/0.99.11
version/quagga routing software suite/0.99.12
version/quagga routing software suite/0.99.13
version/quagga routing software suite/0.99.14
version/quagga routing software suite/0.99.15
version/quagga routing software suite/0.99.16

CVE-2010-1674: Null Pointer Dereference

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-1674?

How do I fix CVE-2010-1674?

What systems are affected by CVE-2010-1674?

Can CVE-2010-1674 be exploited remotely?

What type of vulnerability is CVE-2010-1674?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2010-1674?

How do I fix CVE-2010-1674?

What systems are affected by CVE-2010-1674?

Can CVE-2010-1674 be exploited remotely?

What type of vulnerability is CVE-2010-1674?