PT-2006-1053 · Quagga+1 · Quagga+1

Fredrik Widell

Published

2006-05-09

Updated

2018-10-03

CVE-2006-2276

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Quagga versions 0.98 through 0.99 Quagga version 0.98.6 and earlier

Description: The issue allows local users to cause a denial of service via a certain command. Additionally, multiple vulnerabilities in the Quagga package can lead to a breach of protected information, and these can be exploited remotely.

Recommendations: For Quagga versions 0.98 through 0.99, consider restricting access to the telnet interface to minimize the risk of exploitation. For Quagga version 0.98.6 and earlier, update to a version later than 0.98.6 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability for some versions.

Exploit

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-399

Related Identifiers

BDU:2015-09507

CVE-2006-2276

DSA-1059-1

RHSA-2006:0525

RHSA-2006_0525

Affected Products

Quagga

Red Hat

PT-2006-1053 · Quagga+1 · Quagga+1

CVE-2006-2276

Weakness Enumeration

Related Identifiers

Affected Products

References · 28