What is the severity of CVE-2011-3325?

CVE-2011-3325 is classified as a denial of service vulnerability due to its ability to crash the ospfd daemon.

How can I fix CVE-2011-3325?

To fix CVE-2011-3325, update the Quagga routing software to versions 0.99.19 or higher, or 0:0.98.6-7.el5_8.1, or 0:0.99.15-7.el6_3.2.

Which versions of Quagga are affected by CVE-2011-3325?

CVE-2011-3325 affects multiple versions of Quagga up to 0.99.18, including versions 0.95 through 0.99.18.

Who can exploit CVE-2011-3325?

A configured OSPF peer can exploit CVE-2011-3325 by sending malformed Hello packets to the ospfd daemon.

What systems are vulnerable to CVE-2011-3325?

Any system running vulnerable versions of the Quagga routing software is susceptible to CVE-2011-3325.

Vulnerability/
CVE-2011-3325

medium

CWE

399

14/9/2011

26/9/2011

10/10/2011

6/8/2024

CVE-2011-3325

First published: Wed Sep 14 2011(Updated: )

A denial of service flaw was found in the way the ospfd daemon of the Quagga routing suire processes malformed Hello packets (not complete Hello packets of Hello packets with invalid OSPFv2 header type). A configured OSPF peer, could use this flaw to cause the master OSPF daemon (ospfd) to crash.

Credit: cret@cert.org

Affected Software	Affected Version	How to fix
redhat/quagga	<0:0.98.6-7.el5_8.1	0:0.98.6-7.el5_8.1
redhat/quagga	<0:0.99.15-7.el6_3.2	0:0.99.15-7.el6_3.2
redhat/quagga	<0.99.19	0.99.19
Quagga Routing Software Suite	<=0.99.18
Quagga Routing Software Suite	=0.95
Quagga Routing Software Suite	=0.96
Quagga Routing Software Suite	=0.96.1
Quagga Routing Software Suite	=0.96.2
Quagga Routing Software Suite	=0.96.3
Quagga Routing Software Suite	=0.96.4
Quagga Routing Software Suite	=0.96.5
Quagga Routing Software Suite	=0.97.0
Quagga Routing Software Suite	=0.97.1
Quagga Routing Software Suite	=0.97.2
Quagga Routing Software Suite	=0.97.3
Quagga Routing Software Suite	=0.97.4
Quagga Routing Software Suite	=0.97.5
Quagga Routing Software Suite	=0.98.0
Quagga Routing Software Suite	=0.98.1
Quagga Routing Software Suite	=0.98.2
Quagga Routing Software Suite	=0.98.3
Quagga Routing Software Suite	=0.98.4
Quagga Routing Software Suite	=0.98.5
Quagga Routing Software Suite	=0.98.6
Quagga Routing Software Suite	=0.99.1
Quagga Routing Software Suite	=0.99.2
Quagga Routing Software Suite	=0.99.3
Quagga Routing Software Suite	=0.99.4
Quagga Routing Software Suite	=0.99.5
Quagga Routing Software Suite	=0.99.6
Quagga Routing Software Suite	=0.99.7
Quagga Routing Software Suite	=0.99.8
Quagga Routing Software Suite	=0.99.9
Quagga Routing Software Suite	=0.99.10
Quagga Routing Software Suite	=0.99.11
Quagga Routing Software Suite	=0.99.12
Quagga Routing Software Suite	=0.99.13
Quagga Routing Software Suite	=0.99.14
Quagga Routing Software Suite	=0.99.15
Quagga Routing Software Suite	=0.99.16
Quagga Routing Software Suite	=0.99.17

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is the severity of CVE-2011-3325?
CVE-2011-3325 is classified as a denial of service vulnerability due to its ability to crash the ospfd daemon.
How can I fix CVE-2011-3325?
To fix CVE-2011-3325, update the Quagga routing software to versions 0.99.19 or higher, or 0:0.98.6-7.el5_8.1, or 0:0.99.15-7.el6_3.2.
Which versions of Quagga are affected by CVE-2011-3325?
CVE-2011-3325 affects multiple versions of Quagga up to 0.99.18, including versions 0.95 through 0.99.18.
Who can exploit CVE-2011-3325?
A configured OSPF peer can exploit CVE-2011-3325 by sending malformed Hello packets to the ospfd daemon.
What systems are vulnerable to CVE-2011-3325?
Any system running vulnerable versions of the Quagga routing software is susceptible to CVE-2011-3325.

collector/redhat-cve
agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/references
agent/last-modified-date
agent/author
agent/remedy
agent/description
agent/event
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2011-3325
agent/software-canonical-lookup
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
package-manager/redhat
vendor/quagga
canonical/quagga routing software suite
version/quagga routing software suite/0.99.18
version/quagga routing software suite/0.95
version/quagga routing software suite/0.96
version/quagga routing software suite/0.96.1
version/quagga routing software suite/0.96.2
version/quagga routing software suite/0.96.3
version/quagga routing software suite/0.96.4
version/quagga routing software suite/0.96.5
version/quagga routing software suite/0.97.0
version/quagga routing software suite/0.97.1
version/quagga routing software suite/0.97.2
version/quagga routing software suite/0.97.3
version/quagga routing software suite/0.97.4
version/quagga routing software suite/0.97.5
version/quagga routing software suite/0.98.0
version/quagga routing software suite/0.98.1
version/quagga routing software suite/0.98.2
version/quagga routing software suite/0.98.3
version/quagga routing software suite/0.98.4
version/quagga routing software suite/0.98.5
version/quagga routing software suite/0.98.6
version/quagga routing software suite/0.99.1
version/quagga routing software suite/0.99.2
version/quagga routing software suite/0.99.3
version/quagga routing software suite/0.99.4
version/quagga routing software suite/0.99.5
version/quagga routing software suite/0.99.6
version/quagga routing software suite/0.99.7
version/quagga routing software suite/0.99.8
version/quagga routing software suite/0.99.9
version/quagga routing software suite/0.99.10
version/quagga routing software suite/0.99.11
version/quagga routing software suite/0.99.12
version/quagga routing software suite/0.99.13
version/quagga routing software suite/0.99.14
version/quagga routing software suite/0.99.15
version/quagga routing software suite/0.99.16
version/quagga routing software suite/0.99.17

CVE-2011-3325

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2011-3325?

How can I fix CVE-2011-3325?

Which versions of Quagga are affected by CVE-2011-3325?

Who can exploit CVE-2011-3325?

What systems are vulnerable to CVE-2011-3325?

Company

Resources

Contact