Debian DSA-1059-1 : quagga - several vulnerabilities

medium Nessus Plugin ID 22601

Synopsis

The remote Debian host is missing a security-related update.

Description

Konstantin Gavrilenko discovered several vulnerabilities in quagga, the BGP/OSPF/RIP routing daemon. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2006-2223 Remote attackers may obtain sensitive information via RIPv1 REQUEST packets even if the quagga has been configured to use MD5 authentication.

- CVE-2006-2224 Remote attackers could inject arbitrary routes using the RIPv1 RESPONSE packet even if the quagga has been configured to use MD5 authentication.

- CVE-2006-2276 Fredrik Widell discovered that local users can cause a denial of service in a certain sh ip bgp command entered in the telnet interface.

Solution

Upgrade the quagga package.

The old stable distribution (woody) does not contain quagga packages.

For the stable distribution (sarge) these problems have been fixed in version 0.98.3-7.2.

See Also

https://security-tracker.debian.org/tracker/CVE-2006-2276

http://www.debian.org/security/2006/dsa-1059

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365940

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366980

https://security-tracker.debian.org/tracker/CVE-2006-2223

https://security-tracker.debian.org/tracker/CVE-2006-2224

Plugin Details

Severity: Medium

ID: 22601

File Name: debian_DSA-1059.nasl

Version: 1.19

Type: local

Agent: unix

Published: 10/14/2006

Updated: 1/4/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:quagga, cpe:/o:debian:debian_linux:3.1

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/19/2006

Vulnerability Publication Date: 3/29/2006

Reference Information

CVE: CVE-2006-2223, CVE-2006-2224, CVE-2006-2276

BID: 17808

DSA: 1059