Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-5380
Vulnerability from cvelistv5
Published
2018-02-19 13:00
Modified
2024-09-17 01:05
Severity ?
EPSS score ?
Summary
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:33:44.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3573-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3573-1/"
},
{
"name": "DSA-4115",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095"
},
{
"name": "GLSA-201804-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201804-17"
},
{
"name": "[debian-lts-announce] 20180216 [SECURITY] [DLA 1286-1] quagga security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt"
},
{
"name": "VU#940439",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/940439"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "bgpd",
"vendor": "Quagga",
"versions": [
{
"lessThan": "1.2.3",
"status": "affected",
"version": "bpgd",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T12:06:07",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "USN-3573-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3573-1/"
},
{
"name": "DSA-4115",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095"
},
{
"name": "GLSA-201804-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201804-17"
},
{
"name": "[debian-lts-announce] 20180216 [SECURITY] [DLA 1286-1] quagga security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt"
},
{
"name": "VU#940439",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/940439"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2018-02-15T00:00:00.000Z",
"ID": "CVE-2018-5380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "bgpd",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "bpgd",
"version_value": "1.2.3"
}
]
}
}
]
},
"vendor_name": "Quagga"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3573-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3573-1/"
},
{
"name": "DSA-4115",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4115"
},
{
"name": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095",
"refsource": "CONFIRM",
"url": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095"
},
{
"name": "GLSA-201804-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201804-17"
},
{
"name": "[debian-lts-announce] 20180216 [SECURITY] [DLA 1286-1] quagga security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html"
},
{
"name": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt",
"refsource": "CONFIRM",
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt"
},
{
"name": "VU#940439",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/940439"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2018-5380",
"datePublished": "2018-02-19T13:00:00Z",
"dateReserved": "2018-01-12T00:00:00",
"dateUpdated": "2024-09-17T01:05:46.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-5380\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2018-02-19T13:29:00.473\",\"lastModified\":\"2024-11-21T04:08:42.150\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.\"},{\"lang\":\"es\",\"value\":\"El demonio Quagga BGP (bgpd), en versiones anteriores a la 1.2.3, puede saturar las tablas internas de conversi\u00f3n de c\u00f3digo a cadena de BGP empleadas para depurar por un valor de puntero 1, bas\u00e1ndose en las entradas.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"cret@cert.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:N/A:P\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cret@cert.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.2.2\",\"matchCriteriaId\":\"5117934B-9B41-4ECF-807D-252F6CA1CF97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9070C9D8-A14A-467F-8253-33B966C16886\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.13.0\",\"matchCriteriaId\":\"CBDC4817-0B21-45A9-A384-AECE46E2EBC2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_ii:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EA04F52-40D0-4A4B-9767-265A26EFD98D\"}]}]}],\"references\":[{\"url\":\"http://savannah.nongnu.org/forum/forum.php?forum_id=9095\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/940439\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html\",\"source\":\"cret@cert.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201804-17\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3573-1/\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4115\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://savannah.nongnu.org/forum/forum.php?forum_id=9095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/940439\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201804-17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3573-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4115\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
gsd-2018-5380
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-5380",
"description": "The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.",
"id": "GSD-2018-5380",
"references": [
"https://www.suse.com/security/cve/CVE-2018-5380.html",
"https://www.debian.org/security/2018/dsa-4115",
"https://ubuntu.com/security/CVE-2018-5380",
"https://advisories.mageia.org/CVE-2018-5380.html",
"https://alas.aws.amazon.com/cve/html/CVE-2018-5380.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-5380"
],
"details": "The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.",
"id": "GSD-2018-5380",
"modified": "2023-12-13T01:22:39.721014Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2018-02-15T00:00:00.000Z",
"ID": "CVE-2018-5380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "bgpd",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_name": "bpgd",
"version_value": "1.2.3"
}
]
}
}
]
},
"vendor_name": "Quagga"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3573-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3573-1/"
},
{
"name": "DSA-4115",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4115"
},
{
"name": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095",
"refsource": "CONFIRM",
"url": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095"
},
{
"name": "GLSA-201804-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201804-17"
},
{
"name": "[debian-lts-announce] 20180216 [SECURITY] [DLA 1286-1] quagga security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html"
},
{
"name": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt",
"refsource": "CONFIRM",
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt"
},
{
"name": "VU#940439",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/940439"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.2.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.13.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_ii:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2018-5380"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt"
},
{
"name": "VU#940439",
"refsource": "CERT-VN",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/940439"
},
{
"name": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095"
},
{
"name": "DSA-4115",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4115"
},
{
"name": "[debian-lts-announce] 20180216 [SECURITY] [DLA 1286-1] quagga security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html"
},
{
"name": "USN-3573-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3573-1/"
},
{
"name": "GLSA-201804-17",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201804-17"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
},
"lastModifiedDate": "2019-10-09T23:41Z",
"publishedDate": "2018-02-19T13:29Z"
}
}
}
fkie_cve-2018-5380
Vulnerability from fkie_nvd
Published
2018-02-19 13:29
Modified
2024-11-21 04:08
Severity ?
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| quagga | quagga | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| siemens | ruggedcom_rox_ii_firmware | * | |
| siemens | ruggedcom_rox_ii | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5117934B-9B41-4ECF-807D-252F6CA1CF97",
"versionEndIncluding": "1.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDC4817-0B21-45A9-A384-AECE46E2EBC2",
"versionEndExcluding": "2.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_ii:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA04F52-40D0-4A4B-9767-265A26EFD98D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input."
},
{
"lang": "es",
"value": "El demonio Quagga BGP (bgpd), en versiones anteriores a la 1.2.3, puede saturar las tablas internas de conversi\u00f3n de c\u00f3digo a cadena de BGP empleadas para depurar por un valor de puntero 1, bas\u00e1ndose en las entradas."
}
],
"id": "CVE-2018-5380",
"lastModified": "2024-11-21T04:08:42.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "cret@cert.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-19T13:29:00.473",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/940439"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201804-17"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3573-1/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/940439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201804-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3573-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4115"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201802-1050
Vulnerability from variot
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input. Quagga bgpd Contains several vulnerabilities: * Buffer overflow (CWE-119) - CVE-2018-5378 (Quagga-2018-0543) * Double memory release (CWE-415) - CVE-2018-5379 (Quagga-2018-1114) * Out of bounds read (CWE-125) - CVE-2018-5380 (Quagga-2018-1550) * Improper handling of incorrect syntactic constructs (CWE-228) - CVE-2018-5381 (Quagga-2018-1975) Detail is Information provided by the developer Please refer to.The expected impact depends on each vulnerability, but remote code execution, information leakage, service operation interruption by a remote third party (DoS) An attack could be made. Quagga is prone to multiple denial of service vulnerabilities. Attackers can exploit these issues to crash the affected application, denying service to legitimate users. A configured peer can take advantage of this flaw to cause a denial of service (bgpd daemon not responding to any other events; BGP sessions will drop and not be reestablished; unresponsive CLI interface).
https://www.quagga.net/security/Quagga-2018-1975.txt
For the oldstable distribution (jessie), these problems have been fixed in version 0.99.23.1-1+deb8u5.
For the stable distribution (stretch), these problems have been fixed in version 1.1.1-3+deb9u2.
We recommend that you upgrade your quagga packages.
For the detailed security status of quagga please refer to its security tracker page at: https://security-tracker.debian.org/tracker/quagga
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlqGBaVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RpyRAAhVpntFw+LSUUzL2/cx7m+s4fHijhOkU/AjKKmW4a9rAi0iJYW4HNv5BU cKfz6yhngFUzCa+Glhmiwzt77eAoeksJSvxkKio5CTqjV3OxCWbDPPz/iRRHcKvK MGhnqyShMCF8boQU0plmqNbfhnSWNAObbaI2fPmjLOU4A4jPY1T/fbzu4Sd3k5qY ETeHq9+HlVdGnyNEoYnoO0XQH56ueNHy3VlChJ0S2OPtFtoKXkjM/er+yG6413+G 3e90tcbm2xlitmrTyZm9K/Q08UWLJx510n1rxehaO1DTEz+bqSNezySOhyNb8sTA fuadDpgs2ozwgSmxyuWFj0RL3fKvgycw1ZeNiS5nUmRJTobrPlnjyX+A8FEJhPuI 9xyVa8j6wUeBVZdgd9b/EWLQ1Z9oDRiXmHRJeVOtz4JRNPP1KLtBcsPxFW9eCp83 9gFMqk/vMYQSpRqtQdnl5OawEpeurMtusBsnlEV5y9afiHU9jKB8N7RPwxCJgtjP /jmhS4lOvn3F5lNILahaL3lrk/b0EsECajBltbN9YVU0yabWWRWSMrJ3ujamhaXE aUQKmVj1alwDyg90vToiUftdr3R0hPPFuzA0BAK55SJVzjwJ2XInzItr+2y1tMPn dSpd32tzrxpDm86rvmRIiAJbj28n7QnX9I9BlKZqWq2fUUhTkNg= =Gy8j -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201804-17
https://security.gentoo.org/
Severity: High Title: Quagga: Multiple vulnerabilities Date: April 22, 2018 Bugs: #647788 ID: 201804-17
Synopsis
Multiple vulnerabilities have been found in Quagga, the worst of which could allow remote attackers to execute arbitrary code. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Quagga users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/quagga-1.2.4"
References
[ 1 ] CVE-2018-5378 https://nvd.nist.gov/vuln/detail/CVE-2018-5378 [ 2 ] CVE-2018-5379 https://nvd.nist.gov/vuln/detail/CVE-2018-5379 [ 3 ] CVE-2018-5380 https://nvd.nist.gov/vuln/detail/CVE-2018-5380 [ 4 ] CVE-2018-5381 https://nvd.nist.gov/vuln/detail/CVE-2018-5381
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201804-17
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================== Ubuntu Security Notice USN-3573-1 February 16, 2018
quagga vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Quagga.
Software Description: - quagga: BGP/OSPF/RIP routing daemon
Details:
It was discovered that a double-free vulnerability existed in the Quagga BGP daemon when processing certain forms of UPDATE message. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2018-5379)
It was discovered that the Quagga BGP daemon did not properly bounds check the data sent with a NOTIFY to a peer. An attacker could use this to expose sensitive information or possibly cause a denial of service. This issue only affected Ubuntu 17.10. An attacker in control of a configured peer could use this to possibly expose sensitive information or possibly cause a denial of service. (CVE-2018-5380)
It was discovered that the Quagga BGP daemon in some configurations did not properly handle invalid OPEN messages. An attacker in control of a configured peer could use this to cause a denial of service (infinite loop). (CVE-2018-5381)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.10: quagga 1.1.1-3ubuntu0.2 quagga-bgpd 1.1.1-3ubuntu0.2
Ubuntu 16.04 LTS: quagga 0.99.24.1-2ubuntu1.4
Ubuntu 14.04 LTS: quagga 0.99.22.4-3ubuntu1.5
After a standard system update you need to restart Quagga to make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3573-1 CVE-2018-5378, CVE-2018-5379, CVE-2018-5380, CVE-2018-5381
Package Information: https://launchpad.net/ubuntu/+source/quagga/1.1.1-3ubuntu0.2 https://launchpad.net/ubuntu/+source/quagga/0.99.24.1-2ubuntu1.4 https://launchpad.net/ubuntu/+source/quagga/0.99.22.4-3ubuntu1.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201802-1050",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "debian",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "debian",
"version": "8.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "quagga",
"scope": "lte",
"trust": 1.0,
"vendor": "quagga",
"version": "1.2.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.10"
},
{
"model": "ruggedcom rox ii",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.13.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": "quagga",
"scope": "lt",
"trust": 0.8,
"vendor": "quagga",
"version": "1.2.3 earlier"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "17.10"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.04"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "ruggedcom rox ii",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.9"
},
{
"model": "ruggedcom rox ii",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.12"
},
{
"model": "ruggedcom rox ii",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.11"
},
{
"model": "ruggedcom rox ii",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.10"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "1.2.2"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "1.2.1"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "1.2"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "1.1.1"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "1.1"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.24"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.22"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.21"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.17"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.16"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.15"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.14"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.13"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.12"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.11"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.10"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.9"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.8"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.7"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.6"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.5"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.4"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.3"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.2"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.1"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.98.6"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.98.5"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.98.3"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.98.2"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.98.1"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.98"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.97.5"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.97.3"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.97.2"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.97.1"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.97"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.96.5"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.96.3"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.96.2"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.22.3"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.22.2"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.22.1"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.20"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.19"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.99.18"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.98.4"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.97.4"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.96.4"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.96.1"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.96"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.95"
},
{
"model": "quagga",
"scope": "eq",
"trust": 0.3,
"vendor": "quagga",
"version": "0.93"
},
{
"model": "ruggedcom rox ii",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "2.13"
},
{
"model": "quagga",
"scope": "ne",
"trust": 0.3,
"vendor": "quagga",
"version": "1.2.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#940439"
},
{
"db": "BID",
"id": "107837"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001492"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-828"
},
{
"db": "NVD",
"id": "CVE-2018-5380"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:quagga:quagga",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001492"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported these vulnerabilities to NCCIC.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201802-828"
}
],
"trust": 0.6
},
"cve": "CVE-2018-5380",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2018-5380",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "JPCERT/CC",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2018-001492",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2018-5380",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "JPCERT/CC",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-001492",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-5380",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cret@cert.org",
"id": "CVE-2018-5380",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "JPCERT/CC",
"id": "JVNDB-2018-001492",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201802-828",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-5380",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-5380"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001492"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-828"
},
{
"db": "NVD",
"id": "CVE-2018-5380"
},
{
"db": "NVD",
"id": "CVE-2018-5380"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input. Quagga bgpd Contains several vulnerabilities: * Buffer overflow (CWE-119) - CVE-2018-5378 (Quagga-2018-0543) * Double memory release (CWE-415) - CVE-2018-5379 (Quagga-2018-1114) * Out of bounds read (CWE-125) - CVE-2018-5380 (Quagga-2018-1550) * Improper handling of incorrect syntactic constructs (CWE-228) - CVE-2018-5381 (Quagga-2018-1975) Detail is \u003ca href=\"https://savannah.nongnu.org/forum/forum.php?forum_id=9095\"target=\"blank\"\u003e Information provided by the developer \u003c/a\u003e Please refer to.The expected impact depends on each vulnerability, but remote code execution, information leakage, service operation interruption by a remote third party (DoS) An attack could be made. Quagga is prone to multiple denial of service vulnerabilities. \nAttackers can exploit these issues to crash the affected application, denying service to legitimate users. \n A configured peer can take advantage of this flaw to cause a denial\n of service (bgpd daemon not responding to any other events; BGP\n sessions will drop and not be reestablished; unresponsive CLI\n interface). \n\n https://www.quagga.net/security/Quagga-2018-1975.txt\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 0.99.23.1-1+deb8u5. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.1.1-3+deb9u2. \n\nWe recommend that you upgrade your quagga packages. \n\nFor the detailed security status of quagga please refer to its security\ntracker page at: https://security-tracker.debian.org/tracker/quagga\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlqGBaVfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0RpyRAAhVpntFw+LSUUzL2/cx7m+s4fHijhOkU/AjKKmW4a9rAi0iJYW4HNv5BU\ncKfz6yhngFUzCa+Glhmiwzt77eAoeksJSvxkKio5CTqjV3OxCWbDPPz/iRRHcKvK\nMGhnqyShMCF8boQU0plmqNbfhnSWNAObbaI2fPmjLOU4A4jPY1T/fbzu4Sd3k5qY\nETeHq9+HlVdGnyNEoYnoO0XQH56ueNHy3VlChJ0S2OPtFtoKXkjM/er+yG6413+G\n3e90tcbm2xlitmrTyZm9K/Q08UWLJx510n1rxehaO1DTEz+bqSNezySOhyNb8sTA\nfuadDpgs2ozwgSmxyuWFj0RL3fKvgycw1ZeNiS5nUmRJTobrPlnjyX+A8FEJhPuI\n9xyVa8j6wUeBVZdgd9b/EWLQ1Z9oDRiXmHRJeVOtz4JRNPP1KLtBcsPxFW9eCp83\n9gFMqk/vMYQSpRqtQdnl5OawEpeurMtusBsnlEV5y9afiHU9jKB8N7RPwxCJgtjP\n/jmhS4lOvn3F5lNILahaL3lrk/b0EsECajBltbN9YVU0yabWWRWSMrJ3ujamhaXE\naUQKmVj1alwDyg90vToiUftdr3R0hPPFuzA0BAK55SJVzjwJ2XInzItr+2y1tMPn\ndSpd32tzrxpDm86rvmRIiAJbj28n7QnX9I9BlKZqWq2fUUhTkNg=\n=Gy8j\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201804-17\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Quagga: Multiple vulnerabilities\n Date: April 22, 2018\n Bugs: #647788\n ID: 201804-17\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Quagga, the worst of which\ncould allow remote attackers to execute arbitrary code. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Quagga users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/quagga-1.2.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2018-5378\n https://nvd.nist.gov/vuln/detail/CVE-2018-5378\n[ 2 ] CVE-2018-5379\n https://nvd.nist.gov/vuln/detail/CVE-2018-5379\n[ 3 ] CVE-2018-5380\n https://nvd.nist.gov/vuln/detail/CVE-2018-5380\n[ 4 ] CVE-2018-5381\n https://nvd.nist.gov/vuln/detail/CVE-2018-5381\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201804-17\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2018 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. ==========================================================================\nUbuntu Security Notice USN-3573-1\nFebruary 16, 2018\n\nquagga vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.10\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Quagga. \n\nSoftware Description:\n- quagga: BGP/OSPF/RIP routing daemon\n\nDetails:\n\nIt was discovered that a double-free vulnerability existed in the\nQuagga BGP daemon when processing certain forms of UPDATE message. \nA remote attacker could use this to cause a denial of service or\npossibly execute arbitrary code. (CVE-2018-5379)\n\nIt was discovered that the Quagga BGP daemon did not properly bounds\ncheck the data sent with a NOTIFY to a peer. An attacker could use this\nto expose sensitive information or possibly cause a denial of service. \nThis issue only affected Ubuntu 17.10. An attacker in control of a configured peer could\nuse this to possibly expose sensitive information or possibly cause\na denial of service. (CVE-2018-5380)\n\nIt was discovered that the Quagga BGP daemon in some configurations\ndid not properly handle invalid OPEN messages. An attacker in control\nof a configured peer could use this to cause a denial of service\n(infinite loop). (CVE-2018-5381)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.10:\n quagga 1.1.1-3ubuntu0.2\n quagga-bgpd 1.1.1-3ubuntu0.2\n\nUbuntu 16.04 LTS:\n quagga 0.99.24.1-2ubuntu1.4\n\nUbuntu 14.04 LTS:\n quagga 0.99.22.4-3ubuntu1.5\n\nAfter a standard system update you need to restart Quagga to make\nall the necessary changes. \n\nReferences:\n https://www.ubuntu.com/usn/usn-3573-1\n CVE-2018-5378, CVE-2018-5379, CVE-2018-5380, CVE-2018-5381\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/quagga/1.1.1-3ubuntu0.2\n https://launchpad.net/ubuntu/+source/quagga/0.99.24.1-2ubuntu1.4\n https://launchpad.net/ubuntu/+source/quagga/0.99.22.4-3ubuntu1.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5380"
},
{
"db": "CERT/CC",
"id": "VU#940439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001492"
},
{
"db": "BID",
"id": "107837"
},
{
"db": "VULMON",
"id": "CVE-2018-5380"
},
{
"db": "PACKETSTORM",
"id": "146416"
},
{
"db": "PACKETSTORM",
"id": "147305"
},
{
"db": "PACKETSTORM",
"id": "146410"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#940439",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2018-5380",
"trust": 3.1
},
{
"db": "ICS CERT",
"id": "ICSA-19-099-05",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-451142",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU95518305",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001492",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.1207",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201802-828",
"trust": 0.6
},
{
"db": "BID",
"id": "107837",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2018-5380",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146416",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147305",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146410",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#940439"
},
{
"db": "VULMON",
"id": "CVE-2018-5380"
},
{
"db": "BID",
"id": "107837"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001492"
},
{
"db": "PACKETSTORM",
"id": "146416"
},
{
"db": "PACKETSTORM",
"id": "147305"
},
{
"db": "PACKETSTORM",
"id": "146410"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-828"
},
{
"db": "NVD",
"id": "CVE-2018-5380"
}
]
},
"id": "VAR-201802-1050",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.52540106
},
"last_update_date": "2024-11-23T22:12:39.801000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AXSA:2018-2582:01",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/ja/node/9025"
},
{
"title": "Quagga 1.2.3 Release, with significant BGP security fixes",
"trust": 0.8,
"url": "https://savannah.nongnu.org/forum/forum.php?forum_id=9095"
},
{
"title": "\u4e0d\u6b63\u306a\u30e1\u30c3\u30bb\u30fc\u30b8\u306e\u53d7\u4fe1\u306b\u3088\u308aBGP\u6a5f\u80fd\u304c\u505c\u6b62\u3059\u308b\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www.seil.jp/support/security/a01864.html"
},
{
"title": "Quagga BGP daemon Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90581"
},
{
"title": "Ubuntu Security Notice: quagga vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3573-1"
},
{
"title": "Red Hat: CVE-2018-5380",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2018-5380"
},
{
"title": "Debian Security Advisories: DSA-4115-1 quagga -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=60039c87d27a61271ac8cea042fa360d"
},
{
"title": "Amazon Linux AMI: ALAS-2018-957",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2018-957"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=743274c8dcbded6c8c6a2fcbd1f712aa"
},
{
"title": "Debian CVElist Bug Report Logs: quagga: CVE-2018-5378 CVE-2018-5379 CVE-2018-5380 CVE-2018-5381",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=4da9cc5babf3128084a3957af98f57a1"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-5380"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001492"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-828"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
},
{
"problemtype": "CWE-119",
"trust": 0.8
},
{
"problemtype": "CWE-415",
"trust": 0.8
},
{
"problemtype": "CWE-228",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001492"
},
{
"db": "NVD",
"id": "CVE-2018-5380"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095"
},
{
"trust": 2.8,
"url": "https://www.debian.org/security/2018/dsa-4115"
},
{
"trust": 2.6,
"url": "http://www.kb.cert.org/vuls/id/940439"
},
{
"trust": 2.1,
"url": "https://usn.ubuntu.com/3573-1/"
},
{
"trust": 2.0,
"url": "https://gogs.quagga.net/quagga/quagga/src/master/doc/security/quagga-2018-1550.txt"
},
{
"trust": 2.0,
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201804-17"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5378"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5379"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5380"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5381"
},
{
"trust": 1.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-099-05"
},
{
"trust": 0.9,
"url": "http://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/228.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/415.html"
},
{
"trust": 0.8,
"url": "http://lists.suse.com/pipermail/sle-security-updates/2018-february/003735.html"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3573-1/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5381"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5378"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5379"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5380"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-099-05"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95518305/index.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/78746"
},
{
"trust": 0.3,
"url": "http://www.quagga.net/"
},
{
"trust": 0.3,
"url": "https://www.kb.cert.org/vuls/id/940439/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2018-5380"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2018-5381"
},
{
"trust": 0.3,
"url": "https://gogs.quagga.net/quagga/quagga/src/master/doc/security/quagga-2018-1975.txt"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.quagga.net/security/quagga-2018-0543.txt"
},
{
"trust": 0.1,
"url": "https://www.quagga.net/security/quagga-2018-1975.txt"
},
{
"trust": 0.1,
"url": "https://www.quagga.net/security/quagga-2018-1550.txt"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.quagga.net/security/quagga-2018-1114.txt"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/quagga"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/quagga/1.1.1-3ubuntu0.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/quagga/0.99.22.4-3ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3573-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/quagga/0.99.24.1-2ubuntu1.4"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#940439"
},
{
"db": "VULMON",
"id": "CVE-2018-5380"
},
{
"db": "BID",
"id": "107837"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001492"
},
{
"db": "PACKETSTORM",
"id": "146416"
},
{
"db": "PACKETSTORM",
"id": "147305"
},
{
"db": "PACKETSTORM",
"id": "146410"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-828"
},
{
"db": "NVD",
"id": "CVE-2018-5380"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#940439"
},
{
"db": "VULMON",
"id": "CVE-2018-5380"
},
{
"db": "BID",
"id": "107837"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001492"
},
{
"db": "PACKETSTORM",
"id": "146416"
},
{
"db": "PACKETSTORM",
"id": "147305"
},
{
"db": "PACKETSTORM",
"id": "146410"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-828"
},
{
"db": "NVD",
"id": "CVE-2018-5380"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-15T00:00:00",
"db": "CERT/CC",
"id": "VU#940439"
},
{
"date": "2018-02-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5380"
},
{
"date": "2018-02-19T00:00:00",
"db": "BID",
"id": "107837"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001492"
},
{
"date": "2018-02-16T14:36:28",
"db": "PACKETSTORM",
"id": "146416"
},
{
"date": "2018-04-23T20:02:00",
"db": "PACKETSTORM",
"id": "147305"
},
{
"date": "2018-02-15T23:25:00",
"db": "PACKETSTORM",
"id": "146410"
},
{
"date": "2018-02-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201802-828"
},
{
"date": "2018-02-19T13:29:00.473000",
"db": "NVD",
"id": "CVE-2018-5380"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-19T00:00:00",
"db": "CERT/CC",
"id": "VU#940439"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5380"
},
{
"date": "2018-02-19T00:00:00",
"db": "BID",
"id": "107837"
},
{
"date": "2019-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001492"
},
{
"date": "2019-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201802-828"
},
{
"date": "2024-11-21T04:08:42.150000",
"db": "NVD",
"id": "CVE-2018-5380"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "147305"
},
{
"db": "PACKETSTORM",
"id": "146410"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-828"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Quagga bgpd is affected by multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#940439"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201802-828"
}
],
"trust": 0.6
}
}
wid-sec-w-2024-2213
Vulnerability from csaf_certbund
Published
2018-02-15 23:00
Modified
2024-09-24 22:00
Summary
quagga: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Quagga ist eine Routing-Software Suite, die auf Unix Plattformen die Protokolle OSPFv2, OSPFv3, RIP v1 und v2, RIPng und BGP-4 implementiert.
Debian ist eine Linux-Distribution, die ausschließlich Freie Software enthält.
Ubuntu Linux ist die Linux Distribution des Herstellers Canonical.
SUSE Linux ist eine Linux-Distribution bzw. Open Source Plattform.
Die Produkte der Red Hat Enterprise Linux Produktfamilie sind Linux-Distribution der Firma Red Hat.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in quagga ausnutzen um Informationen offenzulegen, um beliebigen Programmcode mit den Rechten des Dienstes auszuführen und um einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Quagga ist eine Routing-Software Suite, die auf Unix Plattformen die Protokolle OSPFv2, OSPFv3, RIP v1 und v2, RIPng und BGP-4 implementiert.\r\nDebian ist eine Linux-Distribution, die ausschlie\u00dflich Freie Software enth\u00e4lt.\r\nUbuntu Linux ist die Linux Distribution des Herstellers Canonical.\r\nSUSE Linux ist eine Linux-Distribution bzw. Open Source Plattform.\r\nDie Produkte der Red Hat Enterprise Linux Produktfamilie sind Linux-Distribution der Firma Red Hat.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in quagga ausnutzen um Informationen offenzulegen, um beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren und um einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2213 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2024-2213.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2213 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2213"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4115-1 vom 2018-02-15",
"url": "https://www.debian.org/security/2018/dsa-4115"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3573-1 vom 2018-02-15",
"url": "https://usn.ubuntu.com/usn/usn-3573-1/"
},
{
"category": "external",
"summary": "SUSE Security Update: SUSE-SU-2018:0451-1 vom 2018-02-15",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180451-1/"
},
{
"category": "external",
"summary": "SUSE Security Update: SUSE-SU-2018:0456-1 vom 2018-02-15",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180456-1/"
},
{
"category": "external",
"summary": "Quagga Security Note 2018-1975 vom 2018-02-15",
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1975.txt"
},
{
"category": "external",
"summary": "Quagga Security Note 2018-1550 vom 2018-02-15",
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt"
},
{
"category": "external",
"summary": "Quagga Security Note 2018-1114 vom 2018-02-15",
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1114.txt"
},
{
"category": "external",
"summary": "Quagga Security Note 2018-0543 vom 2018-02-15",
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-0543.txt"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:0377 vom 2018-02-28",
"url": "https://access.redhat.com/errata/RHSA-2018:0377"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-0377 vom 2018-03-01",
"url": "http://linux.oracle.com/errata/ELSA-2018-0377.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2018:0377 vom 2018-03-10",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2018-0377-Important-CentOS-7-quagga-Security-Update-tp4644998.html"
},
{
"category": "external",
"summary": "GENTOO Security Advisory GLSA201804-17 vom 2018-04-23",
"url": "https://security.gentoo.org/glsa/201804-17"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3426-1 vom 2024-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019517.html"
}
],
"source_lang": "en-US",
"title": "quagga: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-09-24T22:00:00.000+00:00",
"generator": {
"date": "2024-09-26T07:39:54.062+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-2213",
"initial_release_date": "2018-02-15T23:00:00.000+00:00",
"revision_history": [
{
"date": "2018-02-15T23:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2018-02-15T23:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-02-25T23:00:00.000+00:00",
"number": "3",
"summary": "Added references"
},
{
"date": "2018-03-11T23:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2018-04-22T22:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2024-09-24T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8",
"product": {
"name": "Debian Linux Jessie (8.0) 8.0",
"product_id": "310725",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:8.0"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "Debian Linux Stretch (9.0) 9",
"product_id": "T011363",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:9.0"
}
}
}
],
"category": "product_name",
"name": "Linux"
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source quagga",
"product": {
"name": "Open Source quagga",
"product_id": "T008350",
"product_identification_helper": {
"cpe": "cpe:/a:quagga:quagga:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.2.3",
"product": {
"name": "Open Source quagga \u003c1.2.3",
"product_id": "T011848"
}
},
{
"category": "product_version",
"name": "1.2.3",
"product": {
"name": "Open Source quagga 1.2.3",
"product_id": "T011848-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:quagga:quagga:1.2.3"
}
}
}
],
"category": "product_name",
"name": "quagga"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "6",
"product": {
"name": "Red Hat Enterprise Linux 6",
"product_id": "120737",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6"
}
}
},
{
"category": "product_version",
"name": "5",
"product": {
"name": "Red Hat Enterprise Linux 5",
"product_id": "67748",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5"
}
}
},
{
"category": "product_version",
"name": "7",
"product": {
"name": "Red Hat Enterprise Linux 7",
"product_id": "T006643",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_version",
"name": "12 SP3",
"product": {
"name": "SUSE Linux 12 SP3",
"product_id": "T011074",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:12::sp3"
}
}
},
{
"category": "product_version",
"name": "12 SP2",
"product": {
"name": "SUSE Linux 12 SP2",
"product_id": "T011849",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:12_sp2"
}
}
}
],
"category": "product_name",
"name": "Linux"
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "14.04 LTS",
"product": {
"name": "Ubuntu Linux 14.04 LTS",
"product_id": "T010559",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:14.04_lts"
}
}
},
{
"category": "product_version",
"name": "16.04 LTS",
"product": {
"name": "Ubuntu Linux 16.04 LTS",
"product_id": "T010560",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:16.04_lts"
}
}
},
{
"category": "product_version",
"name": "17.1",
"product": {
"name": "Ubuntu Linux 17.10",
"product_id": "T011082",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:17.10"
}
}
}
],
"category": "product_name",
"name": "Linux"
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-5378",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in quagga. Ein angemeldeter, entfernter Angreifer kann diese Schwachstelle nutzen, um bis zu 64 KB an Daten aus dem Prozessspeicher offenzulegen."
}
],
"product_status": {
"known_affected": [
"T010559",
"T011082",
"T002207",
"310725",
"T008350",
"T010560",
"T011363",
"1727",
"T004914",
"T011074",
"T011849",
"T011848"
]
},
"release_date": "2018-02-15T23:00:00.000+00:00",
"title": "CVE-2018-5378"
},
{
"cve": "CVE-2018-5379",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in quagga. Ein anonymer, entfernter Angreifer kann diese Schwachstelle nutzen, um durch eine Doublefree-Schwachstelle beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T006643",
"T010559",
"67748",
"T010560",
"T011363",
"T004914",
"T011074",
"T011082",
"T002207",
"120737",
"310725",
"1727",
"T011849",
"T011848"
]
},
"release_date": "2018-02-15T23:00:00.000+00:00",
"title": "CVE-2018-5379"
},
{
"cve": "CVE-2018-5380",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in quagga. Ein angemeldeter, entfernter Angreifer kann diese Schwachstelle nutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder um Binary-Informationen in der Logdateien offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006643",
"T010559",
"67748",
"T010560",
"T011363",
"T004914",
"T011074",
"T011082",
"T002207",
"120737",
"310725",
"1727",
"T011849",
"T011848"
]
},
"release_date": "2018-02-15T23:00:00.000+00:00",
"title": "CVE-2018-5380"
},
{
"cve": "CVE-2018-5381",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in quagga. Ein angemeldeter, lokaler Angreifer kann diese Schwachstelle nutzen, um durch eine Endlosschleife einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T006643",
"T010559",
"67748",
"T010560",
"T011363",
"T004914",
"T011074",
"T011082",
"T002207",
"120737",
"310725",
"1727",
"T011849",
"T011848"
]
},
"release_date": "2018-02-15T23:00:00.000+00:00",
"title": "CVE-2018-5381"
}
]
}
WID-SEC-W-2024-2213
Vulnerability from csaf_certbund
Published
2018-02-15 23:00
Modified
2024-09-24 22:00
Summary
quagga: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Quagga ist eine Routing-Software Suite, die auf Unix Plattformen die Protokolle OSPFv2, OSPFv3, RIP v1 und v2, RIPng und BGP-4 implementiert.
Debian ist eine Linux-Distribution, die ausschließlich Freie Software enthält.
Ubuntu Linux ist die Linux Distribution des Herstellers Canonical.
SUSE Linux ist eine Linux-Distribution bzw. Open Source Plattform.
Die Produkte der Red Hat Enterprise Linux Produktfamilie sind Linux-Distribution der Firma Red Hat.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in quagga ausnutzen um Informationen offenzulegen, um beliebigen Programmcode mit den Rechten des Dienstes auszuführen und um einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Quagga ist eine Routing-Software Suite, die auf Unix Plattformen die Protokolle OSPFv2, OSPFv3, RIP v1 und v2, RIPng und BGP-4 implementiert.\r\nDebian ist eine Linux-Distribution, die ausschlie\u00dflich Freie Software enth\u00e4lt.\r\nUbuntu Linux ist die Linux Distribution des Herstellers Canonical.\r\nSUSE Linux ist eine Linux-Distribution bzw. Open Source Plattform.\r\nDie Produkte der Red Hat Enterprise Linux Produktfamilie sind Linux-Distribution der Firma Red Hat.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in quagga ausnutzen um Informationen offenzulegen, um beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren und um einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2213 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2024-2213.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2213 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2213"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4115-1 vom 2018-02-15",
"url": "https://www.debian.org/security/2018/dsa-4115"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3573-1 vom 2018-02-15",
"url": "https://usn.ubuntu.com/usn/usn-3573-1/"
},
{
"category": "external",
"summary": "SUSE Security Update: SUSE-SU-2018:0451-1 vom 2018-02-15",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180451-1/"
},
{
"category": "external",
"summary": "SUSE Security Update: SUSE-SU-2018:0456-1 vom 2018-02-15",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180456-1/"
},
{
"category": "external",
"summary": "Quagga Security Note 2018-1975 vom 2018-02-15",
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1975.txt"
},
{
"category": "external",
"summary": "Quagga Security Note 2018-1550 vom 2018-02-15",
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt"
},
{
"category": "external",
"summary": "Quagga Security Note 2018-1114 vom 2018-02-15",
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1114.txt"
},
{
"category": "external",
"summary": "Quagga Security Note 2018-0543 vom 2018-02-15",
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-0543.txt"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:0377 vom 2018-02-28",
"url": "https://access.redhat.com/errata/RHSA-2018:0377"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-0377 vom 2018-03-01",
"url": "http://linux.oracle.com/errata/ELSA-2018-0377.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2018:0377 vom 2018-03-10",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2018-0377-Important-CentOS-7-quagga-Security-Update-tp4644998.html"
},
{
"category": "external",
"summary": "GENTOO Security Advisory GLSA201804-17 vom 2018-04-23",
"url": "https://security.gentoo.org/glsa/201804-17"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3426-1 vom 2024-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019517.html"
}
],
"source_lang": "en-US",
"title": "quagga: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-09-24T22:00:00.000+00:00",
"generator": {
"date": "2024-09-26T07:39:54.062+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-2213",
"initial_release_date": "2018-02-15T23:00:00.000+00:00",
"revision_history": [
{
"date": "2018-02-15T23:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2018-02-15T23:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-02-25T23:00:00.000+00:00",
"number": "3",
"summary": "Added references"
},
{
"date": "2018-03-11T23:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2018-04-22T22:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2024-09-24T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8",
"product": {
"name": "Debian Linux Jessie (8.0) 8.0",
"product_id": "310725",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:8.0"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "Debian Linux Stretch (9.0) 9",
"product_id": "T011363",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:9.0"
}
}
}
],
"category": "product_name",
"name": "Linux"
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source quagga",
"product": {
"name": "Open Source quagga",
"product_id": "T008350",
"product_identification_helper": {
"cpe": "cpe:/a:quagga:quagga:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.2.3",
"product": {
"name": "Open Source quagga \u003c1.2.3",
"product_id": "T011848"
}
},
{
"category": "product_version",
"name": "1.2.3",
"product": {
"name": "Open Source quagga 1.2.3",
"product_id": "T011848-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:quagga:quagga:1.2.3"
}
}
}
],
"category": "product_name",
"name": "quagga"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "6",
"product": {
"name": "Red Hat Enterprise Linux 6",
"product_id": "120737",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6"
}
}
},
{
"category": "product_version",
"name": "5",
"product": {
"name": "Red Hat Enterprise Linux 5",
"product_id": "67748",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5"
}
}
},
{
"category": "product_version",
"name": "7",
"product": {
"name": "Red Hat Enterprise Linux 7",
"product_id": "T006643",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_version",
"name": "12 SP3",
"product": {
"name": "SUSE Linux 12 SP3",
"product_id": "T011074",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:12::sp3"
}
}
},
{
"category": "product_version",
"name": "12 SP2",
"product": {
"name": "SUSE Linux 12 SP2",
"product_id": "T011849",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:12_sp2"
}
}
}
],
"category": "product_name",
"name": "Linux"
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "14.04 LTS",
"product": {
"name": "Ubuntu Linux 14.04 LTS",
"product_id": "T010559",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:14.04_lts"
}
}
},
{
"category": "product_version",
"name": "16.04 LTS",
"product": {
"name": "Ubuntu Linux 16.04 LTS",
"product_id": "T010560",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:16.04_lts"
}
}
},
{
"category": "product_version",
"name": "17.1",
"product": {
"name": "Ubuntu Linux 17.10",
"product_id": "T011082",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:17.10"
}
}
}
],
"category": "product_name",
"name": "Linux"
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-5378",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in quagga. Ein angemeldeter, entfernter Angreifer kann diese Schwachstelle nutzen, um bis zu 64 KB an Daten aus dem Prozessspeicher offenzulegen."
}
],
"product_status": {
"known_affected": [
"T010559",
"T011082",
"T002207",
"310725",
"T008350",
"T010560",
"T011363",
"1727",
"T004914",
"T011074",
"T011849",
"T011848"
]
},
"release_date": "2018-02-15T23:00:00.000+00:00",
"title": "CVE-2018-5378"
},
{
"cve": "CVE-2018-5379",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in quagga. Ein anonymer, entfernter Angreifer kann diese Schwachstelle nutzen, um durch eine Doublefree-Schwachstelle beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T006643",
"T010559",
"67748",
"T010560",
"T011363",
"T004914",
"T011074",
"T011082",
"T002207",
"120737",
"310725",
"1727",
"T011849",
"T011848"
]
},
"release_date": "2018-02-15T23:00:00.000+00:00",
"title": "CVE-2018-5379"
},
{
"cve": "CVE-2018-5380",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in quagga. Ein angemeldeter, entfernter Angreifer kann diese Schwachstelle nutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder um Binary-Informationen in der Logdateien offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006643",
"T010559",
"67748",
"T010560",
"T011363",
"T004914",
"T011074",
"T011082",
"T002207",
"120737",
"310725",
"1727",
"T011849",
"T011848"
]
},
"release_date": "2018-02-15T23:00:00.000+00:00",
"title": "CVE-2018-5380"
},
{
"cve": "CVE-2018-5381",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in quagga. Ein angemeldeter, lokaler Angreifer kann diese Schwachstelle nutzen, um durch eine Endlosschleife einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T006643",
"T010559",
"67748",
"T010560",
"T011363",
"T004914",
"T011074",
"T011082",
"T002207",
"120737",
"310725",
"1727",
"T011849",
"T011848"
]
},
"release_date": "2018-02-15T23:00:00.000+00:00",
"title": "CVE-2018-5381"
}
]
}
ICSA-19-099-05
Vulnerability from csaf_cisa
Published
2019-04-09 00:00
Modified
2019-04-09 00:00
Summary
Siemens RUGGEDCOM ROX II
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could result in remote code execution and/or a denial-of-service condition.
Critical infrastructure sectors
Energy, Healthcare and Public Health, Transportation Systems
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reporting these vulnerabilities to NCCIC"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could result in remote code execution and/or a denial-of-service condition.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Energy, Healthcare and Public Health, Transportation Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-19-099-05 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-099-05.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-19-099-05 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-099-05"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "SSA-496604: SSA-451142: Multiple Vulnerabilities in RUGGEDCOM ROX II - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/SSA-451142.txt"
}
],
"title": "Siemens RUGGEDCOM ROX II",
"tracking": {
"current_release_date": "2019-04-09T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-19-099-05",
"initial_release_date": "2019-04-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-04-09T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-19-099-05 Siemens RUGGEDCOM ROX II"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.13.0",
"product": {
"name": "RUGGEDCOM ROX II: All versions \u003c V2.13.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX II"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-5379",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "The shipped version of the Quagga BGP daemon (bgpd) can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker spoofing a malicious BGP UPDATE message within the network. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system.",
"title": "Summary"
},
{
"category": "summary",
"text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5379"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable the BGP routing service if not in use in your setup.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Configure BGP passwords to authenticate BGP neighbours.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2018-5380",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The shipped version of the Quagga BGP daemon (bgpd) can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker spoofing a malicious BGP code-point. Successful exploitation requires the attacker to be in the position of a configured, trusted BGP peer. No system privileges and no user interaction is required. An attacker could use the vulnerability to insert binary data into the internal log files.",
"title": "Summary"
},
{
"category": "summary",
"text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5380"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable the BGP routing service if not in use in your setup.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Configure BGP passwords to authenticate BGP neighbours.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2018-5381",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The shipped version of the Quagga BGP daemon (bgpd) has a bug in its parsing of \"Capabilities\" in BGP OPEN messages. The parser can enter an infinite loop on invalid capabilities causing a denial of service.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker spoofing a malicious BGP OPEN message. Successful exploitation requires the attacker to be in the position of a configured, trusted BGP peer. No system privileges and no user interaction is required. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the affected system.",
"title": "Summary"
},
{
"category": "summary",
"text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5381"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable the BGP routing service if not in use in your setup.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Configure BGP passwords to authenticate BGP neighbours.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
icsa-19-099-05
Vulnerability from csaf_cisa
Published
2019-04-09 00:00
Modified
2019-04-09 00:00
Summary
Siemens RUGGEDCOM ROX II
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could result in remote code execution and/or a denial-of-service condition.
Critical infrastructure sectors
Energy, Healthcare and Public Health, Transportation Systems
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reporting these vulnerabilities to NCCIC"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could result in remote code execution and/or a denial-of-service condition.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Energy, Healthcare and Public Health, Transportation Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-19-099-05 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-099-05.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-19-099-05 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-099-05"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "SSA-496604: SSA-451142: Multiple Vulnerabilities in RUGGEDCOM ROX II - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/SSA-451142.txt"
}
],
"title": "Siemens RUGGEDCOM ROX II",
"tracking": {
"current_release_date": "2019-04-09T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-19-099-05",
"initial_release_date": "2019-04-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-04-09T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-19-099-05 Siemens RUGGEDCOM ROX II"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.13.0",
"product": {
"name": "RUGGEDCOM ROX II: All versions \u003c V2.13.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX II"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-5379",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "The shipped version of the Quagga BGP daemon (bgpd) can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker spoofing a malicious BGP UPDATE message within the network. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system.",
"title": "Summary"
},
{
"category": "summary",
"text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5379"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable the BGP routing service if not in use in your setup.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Configure BGP passwords to authenticate BGP neighbours.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2018-5380",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The shipped version of the Quagga BGP daemon (bgpd) can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker spoofing a malicious BGP code-point. Successful exploitation requires the attacker to be in the position of a configured, trusted BGP peer. No system privileges and no user interaction is required. An attacker could use the vulnerability to insert binary data into the internal log files.",
"title": "Summary"
},
{
"category": "summary",
"text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5380"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable the BGP routing service if not in use in your setup.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Configure BGP passwords to authenticate BGP neighbours.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2018-5381",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The shipped version of the Quagga BGP daemon (bgpd) has a bug in its parsing of \"Capabilities\" in BGP OPEN messages. The parser can enter an infinite loop on invalid capabilities causing a denial of service.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker spoofing a malicious BGP OPEN message. Successful exploitation requires the attacker to be in the position of a configured, trusted BGP peer. No system privileges and no user interaction is required. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the affected system.",
"title": "Summary"
},
{
"category": "summary",
"text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5381"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Disable the BGP routing service if not in use in your setup.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Configure BGP passwords to authenticate BGP neighbours.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
ghsa-265f-c4jh-jcfq
Vulnerability from github
Published
2022-05-13 01:32
Modified
2022-05-13 01:32
Severity ?
Details
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
{
"affected": [],
"aliases": [
"CVE-2018-5380"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-19T13:29:00Z",
"severity": "MODERATE"
},
"details": "The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.",
"id": "GHSA-265f-c4jh-jcfq",
"modified": "2022-05-13T01:32:13Z",
"published": "2022-05-13T01:32:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5380"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf"
},
{
"type": "WEB",
"url": "https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1550.txt"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201804-17"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3573-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4115"
},
{
"type": "WEB",
"url": "http://savannah.nongnu.org/forum/forum.php?forum_id=9095"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/940439"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.