First published: Thu Feb 15 2018(Updated: )
Last updated 24 July 2024
Credit: cret@cert.org cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
Quagga Quagga | <=1.2.2 | |
Debian Debian Linux | =7.0 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =17.10 | |
Siemens Ruggedcom Rox Ii Firmware | <2.13.0 | |
Siemens Ruggedcom Rox Ii | ||
All of | ||
Siemens Ruggedcom Rox Ii Firmware | <2.13.0 | |
Siemens Ruggedcom Rox Ii | ||
debian/quagga |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-5380 is a vulnerability in the Quagga BGP daemon (bgpd) prior to version 1.2.3 that can overrun internal BGP code-to-string conversion tables used for debug.
The severity of CVE-2018-5380 is medium with a CVSS score of 4.3.
CVE-2018-5380 affects Quagga versions prior to 1.2.3.
You can find more information about CVE-2018-5380 at the following references: [link1](http://savannah.nongnu.org/forum/forum.php?forum_id=9095), [link2](http://www.kb.cert.org/vuls/id/940439), [link3](https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf).
To fix CVE-2018-5380 in Quagga, you need to update to version 1.2.3 or later.