Vulnerability-Lookup

CVE-2009-1572 (GCVE-0-2009-1572)

Vulnerability from cvelistv5 – Published: 2009-05-06 17:00 – Updated: 2024-08-07 05:20

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.osvdb.org/54200	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/35203	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/34999	third-party-advisoryx_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.securitytracker.com/id?1022164	vdb-entryx_refsource_SECTRACK
	http://www.ubuntu.com/usn/usn-775-1	vendor-advisoryx_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2009/05/01/1	mailing-listx_refsource_MLIST
	http://marc.info/?l=quagga-dev&m=123364779626078&w=2	mailing-listx_refsource_MLIST
	http://thread.gmane.org/gmane.network.quagga.devel/6513	x_refsource_MISC
	http://www.debian.org/security/2009/dsa-1788	vendor-advisoryx_refsource_DEBIAN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/35685	third-party-advisoryx_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/35061	third-party-advisoryx_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311	x_refsource_CONFIRM
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.securityfocus.com/bid/34817	vdb-entryx_refsource_BID
	http://www.openwall.com/lists/oss-security/2009/05/01/2	mailing-listx_refsource_MLIST

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:20:34.055Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "54200",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/54200"
          },
          {
            "name": "35203",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35203"
          },
          {
            "name": "34999",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34999"
          },
          {
            "name": "MDVSA-2009:109",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:109"
          },
          {
            "name": "1022164",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022164"
          },
          {
            "name": "USN-775-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-775-1"
          },
          {
            "name": "[oss-security] 20090501 CVE request (sort of): Quagga BGP crasher",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/05/01/1"
          },
          {
            "name": "[quagga-dev] 20090203 [quagga-dev 6391]  [PATCH] BGP 4-byte ASN bug fixes",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=quagga-dev\u0026m=123364779626078\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://thread.gmane.org/gmane.network.quagga.devel/6513"
          },
          {
            "name": "DSA-1788",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1788"
          },
          {
            "name": "quagga-systemnumber-dos(50317)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50317"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "FEDORA-2009-5324",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html"
          },
          {
            "name": "35061",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35061"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311"
          },
          {
            "name": "FEDORA-2009-5284",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html"
          },
          {
            "name": "34817",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34817"
          },
          {
            "name": "[oss-security] 20090501 Re: CVE request (sort of): Quagga BGP crasher",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/05/01/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "54200",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/54200"
        },
        {
          "name": "35203",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35203"
        },
        {
          "name": "34999",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34999"
        },
        {
          "name": "MDVSA-2009:109",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:109"
        },
        {
          "name": "1022164",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022164"
        },
        {
          "name": "USN-775-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-775-1"
        },
        {
          "name": "[oss-security] 20090501 CVE request (sort of): Quagga BGP crasher",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/05/01/1"
        },
        {
          "name": "[quagga-dev] 20090203 [quagga-dev 6391]  [PATCH] BGP 4-byte ASN bug fixes",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=quagga-dev\u0026m=123364779626078\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://thread.gmane.org/gmane.network.quagga.devel/6513"
        },
        {
          "name": "DSA-1788",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1788"
        },
        {
          "name": "quagga-systemnumber-dos(50317)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50317"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "FEDORA-2009-5324",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html"
        },
        {
          "name": "35061",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35061"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311"
        },
        {
          "name": "FEDORA-2009-5284",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html"
        },
        {
          "name": "34817",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34817"
        },
        {
          "name": "[oss-security] 20090501 Re: CVE request (sort of): Quagga BGP crasher",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/05/01/2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1572",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "54200",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/54200"
            },
            {
              "name": "35203",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35203"
            },
            {
              "name": "34999",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34999"
            },
            {
              "name": "MDVSA-2009:109",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:109"
            },
            {
              "name": "1022164",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022164"
            },
            {
              "name": "USN-775-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-775-1"
            },
            {
              "name": "[oss-security] 20090501 CVE request (sort of): Quagga BGP crasher",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/05/01/1"
            },
            {
              "name": "[quagga-dev] 20090203 [quagga-dev 6391]  [PATCH] BGP 4-byte ASN bug fixes",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=quagga-dev\u0026m=123364779626078\u0026w=2"
            },
            {
              "name": "http://thread.gmane.org/gmane.network.quagga.devel/6513",
              "refsource": "MISC",
              "url": "http://thread.gmane.org/gmane.network.quagga.devel/6513"
            },
            {
              "name": "DSA-1788",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1788"
            },
            {
              "name": "quagga-systemnumber-dos(50317)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50317"
            },
            {
              "name": "35685",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35685"
            },
            {
              "name": "FEDORA-2009-5324",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html"
            },
            {
              "name": "35061",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35061"
            },
            {
              "name": "SUSE-SR:2009:012",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311"
            },
            {
              "name": "FEDORA-2009-5284",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html"
            },
            {
              "name": "34817",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34817"
            },
            {
              "name": "[oss-security] 20090501 Re: CVE request (sort of): Quagga BGP crasher",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/05/01/2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1572",
    "datePublished": "2009-05-06T17:00:00",
    "dateReserved": "2009-05-06T00:00:00",
    "dateUpdated": "2024-08-07T05:20:34.055Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-1572\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-05-06T17:30:00.233\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.\"},{\"lang\":\"es\",\"value\":\"El  demonio BGP (bgpd) in Quagga v0.99.11 y anteriores, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una ruta AS que contiene elementos ASN cuya representaci\u00f3n de cadena es mayor que la esperada, lo que provoca un error de aserci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.99.11\",\"matchCriteriaId\":\"D0ADB352-4A60-4B8E-A231-7498E0EE1A0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD7A8AD5-A315-4242-960C-05E792B30547\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B83BCE2-24D0-4B5B-A034-62BFF1894AE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDD63DD9-1809-4CEC-AB69-955A7B127CA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A2AD1AD-DDE2-477B-8EFD-767B6FD8EDBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99BD881B-9B53-4E12-B083-87C9C87CDF62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F910313F-FFE1-470A-A9B6-8A854C73DC97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B0A9232-968D-4D3E-82A0-F5CC858EAF48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD5F4CFB-BE1F-4424-8D2F-B921704E3AA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A55FF13-8E56-4A27-B7FD-A855735E1045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7DDBC3B-99BB-4404-9A73-90ED6581D69A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB09A713-E91E-44E7-8B82-F70F655A97B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10173750-690B-4576-AB3F-11A0861AA78B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EF8693A-D561-4D2E-BD60-5630601C6A94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE43983A-73CB-41A5-889B-1AEA9A27F440\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EB589E9-85C0-4E87-856B-A2832383B129\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CF5EB8A-8E46-4490-BA88-03D4BED3EB84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6445BEF-245C-47CE-9779-96C97CFD4DA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48D007FD-C1AD-477E-9AA5-DDB4522D3248\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6ADB9F6-B519-45D0-966F-F095372FBB49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E914BAF-2E3A-415E-BAA7-FA02B4A22E25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55FCB7EC-8060-434B-B485-0DC7DBFE117D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9524E069-2A80-4068-9945-2752EF2126EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E1B30CC-478C-4BD1-AF4C-D126B8CCE8D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D713119-F9C6-4656-92C9-A5B863A4B72F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A5E99C8-3778-416B-915F-7335C72435B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"578DCE6D-3360-43DA-B22E-E0005A6AF388\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4D7B93B-0CF5-4CAF-B1F4-8A816A427BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FDAF214-1851-4DFC-ACAA-37D8CD83D323\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B41BBCA6-237B-4CB6-9208-571D47251E18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD6CAB29-56F9-4C54-97D8-CBB338658EB0\"}]}]}],\"references\":[{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=quagga-dev\u0026m=123364779626078\u0026w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://secunia.com/advisories/34999\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35061\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35203\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35685\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://thread.gmane.org/gmane.network.quagga.devel/6513\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1788\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:109\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/05/01/1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/05/01/2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/54200\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/34817\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1022164\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/usn-775-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/50317\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=quagga-dev\u0026m=123364779626078\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://secunia.com/advisories/34999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35061\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35203\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35685\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://thread.gmane.org/gmane.network.quagga.devel/6513\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1788\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:109\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/05/01/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/05/01/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/54200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/34817\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1022164\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-775-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/50317\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Not vulnerable. This issue did not affect the versions of zebra as shipped with Red Hat Enterprise Linux 2.1, and the versions of quagga as shipped with Red Hat Enterprise Linux 3, 4, or 5.\",\"lastModified\":\"2009-05-18T00:00:00\"}]}}"
  }
}

GHSA-7PV4-F272-HV95

Vulnerability from github – Published: 2022-05-02 03:26 – Updated: 2022-05-02 03:26

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-1572"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-05-06T17:30:00Z",
    "severity": "MODERATE"
  },
  "details": "The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.",
  "id": "GHSA-7pv4-f272-hv95",
  "modified": "2022-05-02T03:26:30Z",
  "published": "2022-05-02T03:26:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1572"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50317"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=quagga-dev\u0026m=123364779626078\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34999"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35061"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35203"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "type": "WEB",
      "url": "http://thread.gmane.org/gmane.network.quagga.devel/6513"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2009/dsa-1788"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:109"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/05/01/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/05/01/2"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/54200"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/34817"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1022164"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-775-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200905-0194

Vulnerability from variot - Updated: 2022-05-04 07:50

The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error. Quagga is prone to a remote denial-of-service vulnerability. Exploiting this issue allows remote attackers to cause the vulnerable process to crash, denying further service to legitimate users. Quagga 0.99.11 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------

Are you missing:

SECUNIA ADVISORY ID:

Critical:

Impact:

Where:

within the advisory below?

This is now part of the Secunia commercial solutions.

-- Debian GNU/Linux 5.0 alias lenny --

Source archives:

http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10.orig.tar.gz Size/MD5 checksum: 2424191 c7a2d92e1c42214afef9b2e1cd4b5d06 http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2.diff.gz Size/MD5 checksum: 40070 b72e19ed913b32923cf4ef293c67f71c http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2.dsc Size/MD5 checksum: 1651 a8ef80d57fd5a5a5b08c7ccc70e6a179

Architecture independent packages:

http://security.debian.org/pool/updates/main/q/quagga/quagga-doc_0.99.10-1lenny2_all.deb Size/MD5 checksum: 661226 720947423143cb35eb5c26a0d420066b

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_alpha.deb Size/MD5 checksum: 1902736 570becd04ecb3dd8a0581010884928df

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_amd64.deb Size/MD5 checksum: 1748838 f3fcd731d119c422463c36bb4f08be1a

arm architecture (ARM)

http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_arm.deb Size/MD5 checksum: 1449222 6b654e2d4e1a4f00169309ebbbd3dbf9

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_hppa.deb Size/MD5 checksum: 1681872 8894106d57df0a3d92bb84f148150c2d

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_i386.deb Size/MD5 checksum: 1606310 80046937a2da8a949a8167f753a583ce

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_mipsel.deb Size/MD5 checksum: 1600660 716f61415932929c2f668f99faea448e

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_powerpc.deb Size/MD5 checksum: 1715848 995194031d563994b7d77018d8a4ca3e

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_s390.deb Size/MD5 checksum: 1794568 b1b47e8dae153461f73c98a61c653e1e

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_sparc.deb Size/MD5 checksum: 1670342 18f98f0978f510ac18636ca1ccc9dfe7

-- Debian GNU/Linux unstable alias sid --

Fixed in version 0.99.11-2.

Updated packages are available that bring Quagga to version 0.99.12 which provides numerous bugfixes over the previous 0.99.9 version, and also corrects this issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1572

Updated Packages:

Corporate 4.0: 48c1d2504e08d2a26ac6ace2bc01124d corporate/4.0/i586/libquagga0-0.99.12-0.1.20060mlcs4.i586.rpm df93a452f47b8926f65a51231dd11f36 corporate/4.0/i586/libquagga0-devel-0.99.12-0.1.20060mlcs4.i586.rpm d2386e488423fbb81e44cb6dda4de9df corporate/4.0/i586/quagga-0.99.12-0.1.20060mlcs4.i586.rpm d4b9c5e2cec03ce49a76adcfe0e4a42e corporate/4.0/i586/quagga-contrib-0.99.12-0.1.20060mlcs4.i586.rpm 15e76c29c25f7730eae72c18da15b772 corporate/4.0/SRPMS/quagga-0.99.12-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64: afc986d05e0bde73541f0cfe5b147d2c corporate/4.0/x86_64/lib64quagga0-0.99.12-0.1.20060mlcs4.x86_64.rpm 4cc0bec07f2b919abeac75dc06d7f3c0 corporate/4.0/x86_64/lib64quagga0-devel-0.99.12-0.1.20060mlcs4.x86_64.rpm 3d606fef235993483e9a448665e4e377 corporate/4.0/x86_64/quagga-0.99.12-0.1.20060mlcs4.x86_64.rpm f549ced36115d6609ac835c5aca0863d corporate/4.0/x86_64/quagga-contrib-0.99.12-0.1.20060mlcs4.x86_64.rpm 15e76c29c25f7730eae72c18da15b772 corporate/4.0/SRPMS/quagga-0.99.12-0.1.20060mlcs4.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKBsjAmqjQ0CJFipgRAkoyAJ4o+uz6I6p3tycZQfB5GbqTsTL5TwCgjJHK lIRHZW4+jB0P4UXMSyVUpxo= =2fxe -----END PGP SIGNATURE-----

Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-775-1 May 12, 2009 quagga vulnerability CVE-2009-1572 ===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS: quagga 0.99.2-1ubuntu3.5

Ubuntu 8.04 LTS: quagga 0.99.9-2ubuntu1.2

Ubuntu 8.10: quagga 0.99.9-6ubuntu0.1

Ubuntu 9.04: quagga 0.99.11-1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

It was discovered that the BGP service in Quagga did not correctly handle certain AS paths containing 4-byte ASNs. ----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)

If not, then implement it through the most reliable vulnerability intelligence source on the market.

Implement it through Secunia.

For more information visit: http://secunia.com/advisories/business_solutions/

Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com

TITLE: SUSE Update for Multiple Packages

SECUNIA ADVISORY ID: SA35685

VERIFY ADVISORY: http://secunia.com/advisories/35685/

DESCRIPTION: SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious users to disclose sensitive information, manipulate certain data, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

For more information: SA33338 SA33853 SA33884 SA34035 SA34481 SA34746 SA34797 SA35021 SA35128 SA35216 SA35296 SA35344 SA35422

1) A boundary error exists within the "pg_db_putline()" function in perl-DBD-Pg's dbdimp.c. This can be exploited to cause a heap-based buffer overflow if malicious rows are retrieved from the database using the "pg_getline()" or "getline()" function.

2) A memory leak exists within the function "dequote_bytea()" in perl-DBD-Pg's quote.c, which can be exploited to cause a memory exhaustion.

3) Various integer overflow errors exist within the "pdftops" application. This can be exploited to e.g. cause a crash or potentially execute arbitrary code by printing a specially crafted PDF file.

4) A vulnerability is caused due to an assertion error in bgpd when handling an AS path containing multiple 4 byte AS numbers, which can be exploited to crash to the daemon by advertising specially crafted AS paths.

SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server.

ORIGINAL ADVISORY: SUSE-SR:2009:012: http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

OTHER REFERENCES: SA33338: http://secunia.com/advisories/33338/

SA33853: http://secunia.com/advisories/33853/

SA33884: http://secunia.com/advisories/33884/

SA34035: http://secunia.com/advisories/34035/

SA34481: http://secunia.com/advisories/34481/

SA34746: http://secunia.com/advisories/34746/

SA34797: http://secunia.com/advisories/34797/

SA35021: http://secunia.com/advisories/35021/

SA35128: http://secunia.com/advisories/35128/

SA35216: http://secunia.com/advisories/35216/

SA35296: http://secunia.com/advisories/35296/

SA35344: http://secunia.com/advisories/35344/

SA35422: http://secunia.com/advisories/35422/

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200905-0194",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "quagga",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "quagga",
        "version": "0.99.11"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "quagga",
        "version": "0.98.3"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "quagga",
        "version": "0.99.9"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "quagga",
        "version": "0.96.4"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "quagga",
        "version": "0.98.1"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "quagga",
        "version": "0.99.1"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "quagga",
        "version": "0.99.5"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "quagga",
        "version": "0.99.7"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "quagga",
        "version": "0.98.4"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "quagga",
        "version": "0.98.2"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.97.3"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.96.3"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.99.10"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.97.5"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.99.8"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.99.2"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.99.4"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.98.5"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.96.2"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.96.1"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.97.0"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.98.0"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.98.6"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.96.5"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.99.6"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.96"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.97.1"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.97.2"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.97.4"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.95"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "quagga",
        "version": "0.99.3"
      },
      {
        "model": "quagga",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "quagga",
        "version": "0.99.11"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.04"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.04"
      },
      {
        "model": "linux lpia",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.04"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.04"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.04"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.10"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.10"
      },
      {
        "model": "linux lpia",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.10"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.10"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.10"
      },
      {
        "model": "linux lts sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "linux lts powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "linux lts lpia",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "linux lts sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "linux lts powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "linux enterprise server sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "9"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "9"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "11"
      },
      {
        "model": "linux enterprise server sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "linux enterprise server sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "linux enterprise desktop sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "linux enterprise desktop sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "linux enterprise desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "linux enterprise sp2 debuginfo",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "linux enterprise sp1 debuginfo",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "suse linux enterprise server rt solution",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "100"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "11.1"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "11.0"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.3"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.99.11"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.99.9"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.99.8"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.99.7"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.99.6"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.99.5"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.99.4"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.99.3"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.99.2"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.99.1"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.98.6"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.98.5"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.98.3"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.97.3"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.96.4"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.96.3"
      },
      {
        "model": "routing software suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quagga",
        "version": "0.96.2"
      },
      {
        "model": "corporate server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "model": "corporate server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux mipsel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux mips",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux m68k",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux ia-64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux ia-32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux hppa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux armel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "34817"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200905-076"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1572"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "0.99.11",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-1572"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Chris Caputo",
    "sources": [
      {
        "db": "BID",
        "id": "34817"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200905-076"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2009-1572",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2009-1572",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 1.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2009-1572",
            "trust": 1.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200905-076",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200905-076"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1572"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error. Quagga is prone to a remote denial-of-service vulnerability. \nExploiting this issue allows remote attackers to cause the vulnerable process to crash, denying further service to legitimate users. \nQuagga 0.99.11 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------\n\nAre you missing:\n\nSECUNIA ADVISORY ID:\n\nCritical:\n\nImpact:\n\nWhere:\n\nwithin the advisory below?\n\nThis is now part of the Secunia commercial solutions. \n\n-- Debian GNU/Linux 5.0 alias lenny --\n\nSource archives:\n\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10.orig.tar.gz\nSize/MD5 checksum: 2424191 c7a2d92e1c42214afef9b2e1cd4b5d06\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2.diff.gz\nSize/MD5 checksum: 40070 b72e19ed913b32923cf4ef293c67f71c\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2.dsc\nSize/MD5 checksum: 1651 a8ef80d57fd5a5a5b08c7ccc70e6a179\n\nArchitecture independent packages:\n\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga-doc_0.99.10-1lenny2_all.deb\nSize/MD5 checksum: 661226 720947423143cb35eb5c26a0d420066b\n\nalpha architecture (DEC Alpha)\n\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_alpha.deb\nSize/MD5 checksum: 1902736 570becd04ecb3dd8a0581010884928df\n\namd64 architecture (AMD x86_64 (AMD64))\n\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_amd64.deb\nSize/MD5 checksum: 1748838 f3fcd731d119c422463c36bb4f08be1a\n\narm architecture (ARM)\n\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_arm.deb\nSize/MD5 checksum: 1449222 6b654e2d4e1a4f00169309ebbbd3dbf9\n\nhppa architecture (HP PA RISC)\n\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_hppa.deb\nSize/MD5 checksum: 1681872 8894106d57df0a3d92bb84f148150c2d\n\ni386 architecture (Intel ia32)\n\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_i386.deb\nSize/MD5 checksum: 1606310 80046937a2da8a949a8167f753a583ce\n\nmipsel architecture (MIPS (Little Endian))\n\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_mipsel.deb\nSize/MD5 checksum: 1600660 716f61415932929c2f668f99faea448e\n\npowerpc architecture (PowerPC)\n\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_powerpc.deb\nSize/MD5 checksum: 1715848 995194031d563994b7d77018d8a4ca3e\n\ns390 architecture (IBM S/390)\n\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_s390.deb\nSize/MD5 checksum: 1794568 b1b47e8dae153461f73c98a61c653e1e\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\nhttp://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_sparc.deb\nSize/MD5 checksum: 1670342 18f98f0978f510ac18636ca1ccc9dfe7\n\n-- Debian GNU/Linux unstable alias sid --\n\nFixed in version 0.99.11-2. \n \n Updated packages are available that bring Quagga to version 0.99.12\n which provides numerous bugfixes over the previous 0.99.9 version,\n and also corrects this issue. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1572\n _______________________________________________________________________\n\n Updated Packages:\n\n Corporate 4.0:\n 48c1d2504e08d2a26ac6ace2bc01124d  corporate/4.0/i586/libquagga0-0.99.12-0.1.20060mlcs4.i586.rpm\n df93a452f47b8926f65a51231dd11f36  corporate/4.0/i586/libquagga0-devel-0.99.12-0.1.20060mlcs4.i586.rpm\n d2386e488423fbb81e44cb6dda4de9df  corporate/4.0/i586/quagga-0.99.12-0.1.20060mlcs4.i586.rpm\n d4b9c5e2cec03ce49a76adcfe0e4a42e  corporate/4.0/i586/quagga-contrib-0.99.12-0.1.20060mlcs4.i586.rpm \n 15e76c29c25f7730eae72c18da15b772  corporate/4.0/SRPMS/quagga-0.99.12-0.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n afc986d05e0bde73541f0cfe5b147d2c  corporate/4.0/x86_64/lib64quagga0-0.99.12-0.1.20060mlcs4.x86_64.rpm\n 4cc0bec07f2b919abeac75dc06d7f3c0  corporate/4.0/x86_64/lib64quagga0-devel-0.99.12-0.1.20060mlcs4.x86_64.rpm\n 3d606fef235993483e9a448665e4e377  corporate/4.0/x86_64/quagga-0.99.12-0.1.20060mlcs4.x86_64.rpm\n f549ced36115d6609ac835c5aca0863d  corporate/4.0/x86_64/quagga-contrib-0.99.12-0.1.20060mlcs4.x86_64.rpm \n 15e76c29c25f7730eae72c18da15b772  corporate/4.0/SRPMS/quagga-0.99.12-0.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFKBsjAmqjQ0CJFipgRAkoyAJ4o+uz6I6p3tycZQfB5GbqTsTL5TwCgjJHK\nlIRHZW4+jB0P4UXMSyVUpxo=\n=2fxe\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-775-1               May 12, 2009\nquagga vulnerability\nCVE-2009-1572\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  quagga                          0.99.2-1ubuntu3.5\n\nUbuntu 8.04 LTS:\n  quagga                          0.99.9-2ubuntu1.2\n\nUbuntu 8.10:\n  quagga                          0.99.9-6ubuntu0.1\n\nUbuntu 9.04:\n  quagga                          0.99.11-1ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that the BGP service in Quagga did not correctly\nhandle certain AS paths containing 4-byte ASNs. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nSUSE Update for Multiple Packages\n\nSECUNIA ADVISORY ID:\nSA35685\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/35685/\n\nDESCRIPTION:\nSUSE has issued an update for multiple packages. This fixes some\nvulnerabilities, which can be exploited by malicious users to\ndisclose sensitive information, manipulate certain data, and by\nmalicious people to disclose sensitive information, cause a DoS\n(Denial of Service), and potentially compromise a vulnerable system. \n\nFor more information:\nSA33338\nSA33853\nSA33884\nSA34035\nSA34481\nSA34746\nSA34797\nSA35021\nSA35128\nSA35216\nSA35296\nSA35344\nSA35422\n\n1) A boundary error exists within the \"pg_db_putline()\" function in\nperl-DBD-Pg\u0027s dbdimp.c. This can be exploited to cause a heap-based\nbuffer overflow if malicious rows are retrieved from the database\nusing the \"pg_getline()\" or \"getline()\" function. \n\n2) A memory leak exists within the function \"dequote_bytea()\" in\nperl-DBD-Pg\u0027s quote.c, which can be exploited to cause a memory\nexhaustion. \n\n3) Various integer overflow errors exist within the \"pdftops\"\napplication. This can be exploited to e.g. cause a crash or\npotentially execute arbitrary code by printing a specially crafted\nPDF file. \n\n4) A vulnerability is caused due to an assertion error in bgpd when\nhandling an AS path containing multiple 4 byte AS numbers, which can\nbe exploited to crash to the daemon by advertising specially crafted\nAS paths. \n\nSOLUTION:\nApply updated packages via YaST Online Update or the SUSE FTP server. \n\nORIGINAL ADVISORY:\nSUSE-SR:2009:012:\nhttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html\n\nOTHER REFERENCES:\nSA33338:\nhttp://secunia.com/advisories/33338/\n\nSA33853:\nhttp://secunia.com/advisories/33853/\n\nSA33884:\nhttp://secunia.com/advisories/33884/\n\nSA34035:\nhttp://secunia.com/advisories/34035/\n\nSA34481:\nhttp://secunia.com/advisories/34481/\n\nSA34746:\nhttp://secunia.com/advisories/34746/\n\nSA34797:\nhttp://secunia.com/advisories/34797/\n\nSA35021:\nhttp://secunia.com/advisories/35021/\n\nSA35128:\nhttp://secunia.com/advisories/35128/\n\nSA35216:\nhttp://secunia.com/advisories/35216/\n\nSA35296:\nhttp://secunia.com/advisories/35296/\n\nSA35344:\nhttp://secunia.com/advisories/35344/\n\nSA35422:\nhttp://secunia.com/advisories/35422/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-1572"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002713"
      },
      {
        "db": "BID",
        "id": "34817"
      },
      {
        "db": "PACKETSTORM",
        "id": "77439"
      },
      {
        "db": "PACKETSTORM",
        "id": "77275"
      },
      {
        "db": "PACKETSTORM",
        "id": "77391"
      },
      {
        "db": "PACKETSTORM",
        "id": "77460"
      },
      {
        "db": "PACKETSTORM",
        "id": "77750"
      },
      {
        "db": "PACKETSTORM",
        "id": "78953"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-1572",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "34817",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "35061",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "34999",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "35203",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "35685",
        "trust": 1.7
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2009/05/01/2",
        "trust": 1.6
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2009/05/01/1",
        "trust": 1.6
      },
      {
        "db": "OSVDB",
        "id": "54200",
        "trust": 1.6
      },
      {
        "db": "SECTRACK",
        "id": "1022164",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002713",
        "trust": 0.8
      },
      {
        "db": "UBUNTU",
        "id": "USN-775-1",
        "trust": 0.6
      },
      {
        "db": "MLIST",
        "id": "[OSS-SECURITY] 20090501 RE: CVE REQUEST (SORT OF): QUAGGA BGP CRASHER",
        "trust": 0.6
      },
      {
        "db": "MLIST",
        "id": "[OSS-SECURITY] 20090501 CVE REQUEST (SORT OF): QUAGGA BGP CRASHER",
        "trust": 0.6
      },
      {
        "db": "MLIST",
        "id": "[QUAGGA-DEV] 20090203 [QUAGGA-DEV 6391] [PATCH] BGP 4-BYTE ASN BUG FIXES",
        "trust": 0.6
      },
      {
        "db": "DEBIAN",
        "id": "DSA-1788",
        "trust": 0.6
      },
      {
        "db": "MANDRIVA",
        "id": "MDVSA-2009:109",
        "trust": 0.6
      },
      {
        "db": "FEDORA",
        "id": "FEDORA-2009-5324",
        "trust": 0.6
      },
      {
        "db": "FEDORA",
        "id": "FEDORA-2009-5284",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "50317",
        "trust": 0.6
      },
      {
        "db": "SUSE",
        "id": "SUSE-SR:2009:012",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200905-076",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "77439",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "77275",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "77391",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "77460",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "77750",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "78953",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "34817"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002713"
      },
      {
        "db": "PACKETSTORM",
        "id": "77439"
      },
      {
        "db": "PACKETSTORM",
        "id": "77275"
      },
      {
        "db": "PACKETSTORM",
        "id": "77391"
      },
      {
        "db": "PACKETSTORM",
        "id": "77460"
      },
      {
        "db": "PACKETSTORM",
        "id": "77750"
      },
      {
        "db": "PACKETSTORM",
        "id": "78953"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200905-076"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1572"
      }
    ]
  },
  "id": "VAR-200905-0194",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.1590909
  },
  "last_update_date": "2022-05-04T07:50:34.944000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Index of /releases/quagga",
        "trust": 0.8,
        "url": "http://download.savannah.gnu.org/releases/quagga/"
      },
      {
        "title": "Multiple Denial of Service vulnerabilities in Quagga",
        "trust": 0.8,
        "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_vulnerabilities4"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002713"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002713"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1572"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://marc.info/?l=quagga-dev\u0026m=123364779626078\u0026w=2"
      },
      {
        "trust": 1.7,
        "url": "https://www.redhat.com/archives/fedora-package-announce/2009-may/msg01037.html"
      },
      {
        "trust": 1.7,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
      },
      {
        "trust": 1.6,
        "url": "http://www.debian.org/security/2009/dsa-1788"
      },
      {
        "trust": 1.6,
        "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311"
      },
      {
        "trust": 1.6,
        "url": "https://www.redhat.com/archives/fedora-package-announce/2009-may/msg01107.html"
      },
      {
        "trust": 1.6,
        "url": "http://www.ubuntu.com/usn/usn-775-1"
      },
      {
        "trust": 1.6,
        "url": "http://www.securitytracker.com/id?1022164"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/34817"
      },
      {
        "trust": 1.6,
        "url": "http://www.osvdb.org/54200"
      },
      {
        "trust": 1.6,
        "url": "http://www.openwall.com/lists/oss-security/2009/05/01/2"
      },
      {
        "trust": 1.6,
        "url": "http://www.openwall.com/lists/oss-security/2009/05/01/1"
      },
      {
        "trust": 1.6,
        "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2009:109"
      },
      {
        "trust": 1.6,
        "url": "http://thread.gmane.org/gmane.network.quagga.devel/6513"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/35685"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/35203"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/35061"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/34999"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50317"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1572"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1572"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/50317"
      },
      {
        "trust": 0.4,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.4,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.4,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.4,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.3,
        "url": "http://groups.google.com/group/linux.debian.bugs.dist/browse_thread/thread/c2b15dbcccedc2ea"
      },
      {
        "trust": 0.3,
        "url": "http://www.quagga.net/"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/try_vi/"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.5_i386.deb"
      },
      {
        "trust": 0.2,
        "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.9-6ubuntu0.1_sparc.deb"
      },
      {
        "trust": 0.2,
        "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.11-1ubuntu0.1_sparc.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga-doc_0.99.9-2ubuntu1.2_all.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.5.dsc"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.2.dsc"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-6ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga-doc_0.99.11-1ubuntu0.1_all.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.5_powerpc.deb"
      },
      {
        "trust": 0.2,
        "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.2_sparc.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.11-1ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.2,
        "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.2_lpia.deb"
      },
      {
        "trust": 0.2,
        "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.2_powerpc.deb"
      },
      {
        "trust": 0.2,
        "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.9-6ubuntu0.1_lpia.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.5_amd64.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-6ubuntu0.1.dsc"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.2_amd64.deb"
      },
      {
        "trust": 0.2,
        "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.11-1ubuntu0.1_lpia.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-6ubuntu0.1.diff.gz"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2.orig.tar.gz"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9.orig.tar.gz"
      },
      {
        "trust": 0.2,
        "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.11-1ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga-doc_0.99.2-1ubuntu3.5_all.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga-doc_0.99.9-6ubuntu0.1_all.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.11-1ubuntu0.1.dsc"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.5.diff.gz"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.2-1ubuntu3.5_sparc.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.2_i386.deb"
      },
      {
        "trust": 0.2,
        "url": "http://ports.ubuntu.com/pool/main/q/quagga/quagga_0.99.9-6ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-2ubuntu1.2.diff.gz"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.9-6ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.11.orig.tar.gz"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.11-1ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.2,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/q/quagga/quagga_0.99.11-1ubuntu0.1.diff.gz"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1572"
      },
      {
        "trust": 0.1,
        "url": "https://lists.ubuntu.com/archives/ubuntu-security-announce/2009-may/000902.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35061/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga-doc_0.99.10-1lenny2_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/34999/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://lists.debian.org/debian-security-announce/2009/msg00099.html"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.99.10-1lenny2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://www.mandriva.com/security/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://www.mandriva.com/security/advisories"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35203/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/34797/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35296/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/34481/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35422/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/33853/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35216/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35685/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35021/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/34035/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/33884/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35344/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/34746/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/33338/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35128/"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "34817"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002713"
      },
      {
        "db": "PACKETSTORM",
        "id": "77439"
      },
      {
        "db": "PACKETSTORM",
        "id": "77275"
      },
      {
        "db": "PACKETSTORM",
        "id": "77391"
      },
      {
        "db": "PACKETSTORM",
        "id": "77460"
      },
      {
        "db": "PACKETSTORM",
        "id": "77750"
      },
      {
        "db": "PACKETSTORM",
        "id": "78953"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200905-076"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1572"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "34817"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002713"
      },
      {
        "db": "PACKETSTORM",
        "id": "77439"
      },
      {
        "db": "PACKETSTORM",
        "id": "77275"
      },
      {
        "db": "PACKETSTORM",
        "id": "77391"
      },
      {
        "db": "PACKETSTORM",
        "id": "77460"
      },
      {
        "db": "PACKETSTORM",
        "id": "77750"
      },
      {
        "db": "PACKETSTORM",
        "id": "78953"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200905-076"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-1572"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-04-30T00:00:00",
        "db": "BID",
        "id": "34817"
      },
      {
        "date": "2012-04-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002713"
      },
      {
        "date": "2009-05-13T07:18:17",
        "db": "PACKETSTORM",
        "id": "77439"
      },
      {
        "date": "2009-05-05T14:42:57",
        "db": "PACKETSTORM",
        "id": "77275"
      },
      {
        "date": "2009-05-11T03:05:32",
        "db": "PACKETSTORM",
        "id": "77391"
      },
      {
        "date": "2009-05-13T16:52:18",
        "db": "PACKETSTORM",
        "id": "77460"
      },
      {
        "date": "2009-05-24T05:47:14",
        "db": "PACKETSTORM",
        "id": "77750"
      },
      {
        "date": "2009-07-06T14:42:32",
        "db": "PACKETSTORM",
        "id": "78953"
      },
      {
        "date": "2009-04-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200905-076"
      },
      {
        "date": "2009-05-06T17:30:00",
        "db": "NVD",
        "id": "CVE-2009-1572"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-04-13T21:21:00",
        "db": "BID",
        "id": "34817"
      },
      {
        "date": "2012-04-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002713"
      },
      {
        "date": "2009-06-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200905-076"
      },
      {
        "date": "2017-08-17T01:30:00",
        "db": "NVD",
        "id": "CVE-2009-1572"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "77391"
      },
      {
        "db": "PACKETSTORM",
        "id": "77460"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200905-076"
      }
    ],
    "trust": 0.8
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Quagga of  BGP Service disruption in daemon  ( crash ) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002713"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200905-076"
      }
    ],
    "trust": 0.6
  }
}

GSD-2009-1572

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-1572

Aliases

CVE-2009-1572

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-1572",
    "description": "The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.",
    "id": "GSD-2009-1572",
    "references": [
      "https://www.suse.com/security/cve/CVE-2009-1572.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-1572"
      ],
      "details": "The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.",
      "id": "GSD-2009-1572",
      "modified": "2023-12-13T01:19:47.930041Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-1572",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "54200",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/54200"
          },
          {
            "name": "35203",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/35203"
          },
          {
            "name": "34999",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34999"
          },
          {
            "name": "MDVSA-2009:109",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:109"
          },
          {
            "name": "1022164",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1022164"
          },
          {
            "name": "USN-775-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/usn-775-1"
          },
          {
            "name": "[oss-security] 20090501 CVE request (sort of): Quagga BGP crasher",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2009/05/01/1"
          },
          {
            "name": "[quagga-dev] 20090203 [quagga-dev 6391]  [PATCH] BGP 4-byte ASN bug fixes",
            "refsource": "MLIST",
            "url": "http://marc.info/?l=quagga-dev\u0026m=123364779626078\u0026w=2"
          },
          {
            "name": "http://thread.gmane.org/gmane.network.quagga.devel/6513",
            "refsource": "MISC",
            "url": "http://thread.gmane.org/gmane.network.quagga.devel/6513"
          },
          {
            "name": "DSA-1788",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2009/dsa-1788"
          },
          {
            "name": "quagga-systemnumber-dos(50317)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50317"
          },
          {
            "name": "35685",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "FEDORA-2009-5324",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html"
          },
          {
            "name": "35061",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/35061"
          },
          {
            "name": "SUSE-SR:2009:012",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311",
            "refsource": "CONFIRM",
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311"
          },
          {
            "name": "FEDORA-2009-5284",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html"
          },
          {
            "name": "34817",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/34817"
          },
          {
            "name": "[oss-security] 20090501 Re: CVE request (sort of): Quagga BGP crasher",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2009/05/01/2"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "0.99.11",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1572"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-1788",
              "refsource": "DEBIAN",
              "tags": [
                "Patch"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1788"
            },
            {
              "name": "34817",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/34817"
            },
            {
              "name": "54200",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/54200"
            },
            {
              "name": "34999",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/34999"
            },
            {
              "name": "[oss-security] 20090501 CVE request (sort of): Quagga BGP crasher",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2009/05/01/1"
            },
            {
              "name": "http://thread.gmane.org/gmane.network.quagga.devel/6513",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://thread.gmane.org/gmane.network.quagga.devel/6513"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311"
            },
            {
              "name": "[quagga-dev] 20090203 [quagga-dev 6391]  [PATCH] BGP 4-byte ASN bug fixes",
              "refsource": "MLIST",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "http://marc.info/?l=quagga-dev\u0026m=123364779626078\u0026w=2"
            },
            {
              "name": "[oss-security] 20090501 Re: CVE request (sort of): Quagga BGP crasher",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2009/05/01/2"
            },
            {
              "name": "USN-775-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-775-1"
            },
            {
              "name": "35061",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/35061"
            },
            {
              "name": "MDVSA-2009:109",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:109"
            },
            {
              "name": "1022164",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1022164"
            },
            {
              "name": "35203",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/35203"
            },
            {
              "name": "FEDORA-2009-5284",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html"
            },
            {
              "name": "FEDORA-2009-5324",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html"
            },
            {
              "name": "SUSE-SR:2009:012",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
            },
            {
              "name": "35685",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/35685"
            },
            {
              "name": "quagga-systemnumber-dos(50317)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50317"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-17T01:30Z",
      "publishedDate": "2009-05-06T17:30Z"
    }
  }
}

FKIE_CVE-2009-1572

Vulnerability from fkie_nvd - Published: 2009-05-06 17:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311	Exploit, Patch
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
cve@mitre.org	http://marc.info/?l=quagga-dev&m=123364779626078&w=2	Exploit, Patch
cve@mitre.org	http://secunia.com/advisories/34999	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/35061	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/35203	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/35685	Vendor Advisory
cve@mitre.org	http://thread.gmane.org/gmane.network.quagga.devel/6513	Exploit
cve@mitre.org	http://www.debian.org/security/2009/dsa-1788	Patch
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2009:109
cve@mitre.org	http://www.openwall.com/lists/oss-security/2009/05/01/1
cve@mitre.org	http://www.openwall.com/lists/oss-security/2009/05/01/2
cve@mitre.org	http://www.osvdb.org/54200
cve@mitre.org	http://www.securityfocus.com/bid/34817
cve@mitre.org	http://www.securitytracker.com/id?1022164
cve@mitre.org	http://www.ubuntu.com/usn/usn-775-1
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/50317
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html
af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=quagga-dev&m=123364779626078&w=2	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34999	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35061	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35203	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35685	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://thread.gmane.org/gmane.network.quagga.devel/6513	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2009/dsa-1788	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:109
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2009/05/01/1
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2009/05/01/2
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/54200
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/34817
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022164
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-775-1
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/50317
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html

Impacted products

Vendor	Product	Version
quagga	quagga	*
quagga	quagga	0.95
quagga	quagga	0.96
quagga	quagga	0.96.1
quagga	quagga	0.96.2
quagga	quagga	0.96.3
quagga	quagga	0.96.4
quagga	quagga	0.96.5
quagga	quagga	0.97.0
quagga	quagga	0.97.1
quagga	quagga	0.97.2
quagga	quagga	0.97.3
quagga	quagga	0.97.4
quagga	quagga	0.97.5
quagga	quagga	0.98.0
quagga	quagga	0.98.1
quagga	quagga	0.98.2
quagga	quagga	0.98.3
quagga	quagga	0.98.4
quagga	quagga	0.98.5
quagga	quagga	0.98.6
quagga	quagga	0.99.1
quagga	quagga	0.99.2
quagga	quagga	0.99.3
quagga	quagga	0.99.4
quagga	quagga	0.99.5
quagga	quagga	0.99.6
quagga	quagga	0.99.7
quagga	quagga	0.99.8
quagga	quagga	0.99.9
quagga	quagga	0.99.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0ADB352-4A60-4B8E-A231-7498E0EE1A0B",
              "versionEndIncluding": "0.99.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD7A8AD5-A315-4242-960C-05E792B30547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B83BCE2-24D0-4B5B-A034-62BFF1894AE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDD63DD9-1809-4CEC-AB69-955A7B127CA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2AD1AD-DDE2-477B-8EFD-767B6FD8EDBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "99BD881B-9B53-4E12-B083-87C9C87CDF62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F910313F-FFE1-470A-A9B6-8A854C73DC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.96.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0A9232-968D-4D3E-82A0-F5CC858EAF48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD5F4CFB-BE1F-4424-8D2F-B921704E3AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A55FF13-8E56-4A27-B7FD-A855735E1045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7DDBC3B-99BB-4404-9A73-90ED6581D69A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB09A713-E91E-44E7-8B82-F70F655A97B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "10173750-690B-4576-AB3F-11A0861AA78B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.97.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF8693A-D561-4D2E-BD60-5630601C6A94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE43983A-73CB-41A5-889B-1AEA9A27F440",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EB589E9-85C0-4E87-856B-A2832383B129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CF5EB8A-8E46-4490-BA88-03D4BED3EB84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6445BEF-245C-47CE-9779-96C97CFD4DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "48D007FD-C1AD-477E-9AA5-DDB4522D3248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6ADB9F6-B519-45D0-966F-F095372FBB49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.98.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E914BAF-2E3A-415E-BAA7-FA02B4A22E25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FCB7EC-8060-434B-B485-0DC7DBFE117D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9524E069-2A80-4068-9945-2752EF2126EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1B30CC-478C-4BD1-AF4C-D126B8CCE8D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D713119-F9C6-4656-92C9-A5B863A4B72F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A5E99C8-3778-416B-915F-7335C72435B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "578DCE6D-3360-43DA-B22E-E0005A6AF388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D7B93B-0CF5-4CAF-B1F4-8A816A427BC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FDAF214-1851-4DFC-ACAA-37D8CD83D323",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B41BBCA6-237B-4CB6-9208-571D47251E18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD6CAB29-56F9-4C54-97D8-CBB338658EB0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error."
    },
    {
      "lang": "es",
      "value": "El  demonio BGP (bgpd) in Quagga v0.99.11 y anteriores, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una ruta AS que contiene elementos ASN cuya representaci\u00f3n de cadena es mayor que la esperada, lo que provoca un error de aserci\u00f3n."
    }
  ],
  "id": "CVE-2009-1572",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-05-06T17:30:00.233",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://marc.info/?l=quagga-dev\u0026m=123364779626078\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34999"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35061"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35203"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://thread.gmane.org/gmane.network.quagga.devel/6513"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1788"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:109"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2009/05/01/1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2009/05/01/2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/54200"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/34817"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1022164"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-775-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50317"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://marc.info/?l=quagga-dev\u0026m=123364779626078\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://thread.gmane.org/gmane.network.quagga.devel/6513"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1788"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/05/01/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/05/01/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/54200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34817"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-775-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50317"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01037.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01107.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of zebra as shipped with Red Hat Enterprise Linux 2.1, and the versions of quagga as shipped with Red Hat Enterprise Linux 3, 4, or 5.",
      "lastModified": "2009-05-18T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-1572 (GCVE-0-2009-1572)

GHSA-7PV4-F272-HV95

VAR-200905-0194

GSD-2009-1572

FKIE_CVE-2009-1572

Tags

Sightings

Nomenclature