CVE-2011-3325
First published: Wed Sep 14 2011(Updated: )
A denial of service flaw was found in the way the ospfd daemon of the Quagga routing suire processes malformed Hello packets (not complete Hello packets of Hello packets with invalid OSPFv2 header type). A configured OSPF peer, could use this flaw to cause the master OSPF daemon (ospfd) to crash.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Quagga Quagga | =0.99.11 | |
| Quagga Quagga | =0.99.2 | |
| Quagga Quagga | =0.97.5 | |
| Quagga Quagga | =0.95 | |
| Quagga Quagga | =0.98.3 | |
| Quagga Quagga | =0.96.3 | |
| Quagga Quagga | =0.99.4 | |
| Quagga Quagga | =0.99.7 | |
| Quagga Quagga | =0.99.14 | |
| Quagga Quagga | =0.99.5 | |
| Quagga Quagga | =0.96.5 | |
| Quagga Quagga | =0.98.0 | |
| Quagga Quagga | =0.99.16 | |
| Quagga Quagga | =0.96.1 | |
| Quagga Quagga | =0.98.1 | |
| Quagga Quagga | =0.96.4 | |
| Quagga Quagga | =0.98.5 | |
| Quagga Quagga | =0.97.3 | |
| Quagga Quagga | =0.99.17 | |
| Quagga Quagga | =0.99.3 | |
| Quagga Quagga | =0.99.13 | |
| Quagga Quagga | =0.99.6 | |
| Quagga Quagga | =0.98.6 | |
| Quagga Quagga | =0.97.4 | |
| Quagga Quagga | =0.98.4 | |
| Quagga Quagga | =0.99.12 | |
| Quagga Quagga | =0.98.2 | |
| Quagga Quagga | =0.97.1 | |
| Quagga Quagga | =0.97.0 | |
| Quagga Quagga | =0.96.2 | |
| Quagga Quagga | =0.99.9 | |
| Quagga Quagga | =0.99.1 | |
| Quagga Quagga | <=0.99.18 | |
| Quagga Quagga | =0.97.2 | |
| Quagga Quagga | =0.99.15 | |
| Quagga Quagga | =0.99.10 | |
| Quagga Quagga | =0.99.8 | |
| Quagga Quagga | =0.96 | |
| redhat/quagga | <0.99.19 | 0.99.19 |
| redhat/quagga | <0:0.98.6-7.el5_8.1 | 0:0.98.6-7.el5_8.1 |
| redhat/quagga | <0:0.99.15-7.el6_3.2 | 0:0.99.15-7.el6_3.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.quagga.net/download/quagga-0.99.19.changelog.txt
- https://bugzilla.redhat.com/show_bug.cgi?id=738396
- http://www.debian.org/security/2011/dsa-2316
- http://code.quagga.net/?p=quagga.git;a=commit;h=717750433839762d23a5f8d88fe0b4d57c8d490a
- http://secunia.com/advisories/46139
- http://www.kb.cert.org/vuls/id/668534
- https://www.cert.fi/en/reports/2011/vulnerability539178.html
- http://code.quagga.net/?p=quagga.git;a=commit;h=61ab0301606053192f45c188bc48afc837518770
- http://secunia.com/advisories/46274
- http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00027.html
- http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html
- http://rhn.redhat.com/errata/RHSA-2012-1258.html
- http://rhn.redhat.com/errata/RHSA-2012-1259.html
- http://security.gentoo.org/glsa/glsa-201202-02.xml
- http://secunia.com/advisories/48106
- https://www.cve.org/CVERecord?id=CVE-2011-3325 https://nvd.nist.gov/vuln/detail/CVE-2011-3325
- https://access.redhat.com/errata/RHSA-2012:1258
- https://access.redhat.com/errata/RHSA-2012:1259
- https://access.redhat.com/security/cve/CVE-2011-3325
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=523210&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=523210&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=523212&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=523212&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=741343
- http://code.quagga.net/?p=quagga.git;a=commitdiff;h=3aad46bdaa0a2700e43252904b9481750c8cb45d
- https://rhn.redhat.com/errata/RHSA-2012-1259.html
- https://rhn.redhat.com/errata/RHSA-2012-1258.html
- http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=61ab0301606053192f45c188bc48afc837518770
- http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=717750433839762d23a5f8d88fe0b4d57c8d490a
- collector/nvd-historical
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/last-modified-date
- agent/author
- agent/remedy
- agent/description
- agent/tags
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-3325
- agent/software-canonical-lookup
- vendor/quagga
- canonical/quagga quagga
- version/quagga quagga/0.99.11
- version/quagga quagga/0.99.2
- version/quagga quagga/0.97.5
- version/quagga quagga/0.95
- version/quagga quagga/0.98.3
- version/quagga quagga/0.96.3
- version/quagga quagga/0.99.4
- version/quagga quagga/0.99.7
- version/quagga quagga/0.99.14
- version/quagga quagga/0.99.5
- version/quagga quagga/0.96.5
- version/quagga quagga/0.98.0
- version/quagga quagga/0.99.16
- version/quagga quagga/0.96.1
- version/quagga quagga/0.98.1
- version/quagga quagga/0.96.4
- version/quagga quagga/0.98.5
- version/quagga quagga/0.97.3
- version/quagga quagga/0.99.17
- version/quagga quagga/0.99.3
- version/quagga quagga/0.99.13
- version/quagga quagga/0.99.6
- version/quagga quagga/0.98.6
- version/quagga quagga/0.97.4
- version/quagga quagga/0.98.4
- version/quagga quagga/0.99.12
- version/quagga quagga/0.98.2
- version/quagga quagga/0.97.1
- version/quagga quagga/0.97.0
- version/quagga quagga/0.96.2
- version/quagga quagga/0.99.9
- version/quagga quagga/0.99.1
- version/quagga quagga/0.99.18
- version/quagga quagga/0.97.2
- version/quagga quagga/0.99.15
- version/quagga quagga/0.99.10
- version/quagga quagga/0.99.8
- version/quagga quagga/0.96
- package-manager/redhat