Resource Management Errors Affecting quagga package, versions <0.99.4-1
Threat Intelligence
EPSS
7.89% (95th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN9-QUAGGA-319754
- published 10 May 2006
- disclosed 10 May 2006
Introduced: 10 May 2006
CVE-2006-2276 Open this link in a new tabHow to fix?
Upgrade Debian:9 quagga to version 0.99.4-1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream quagga package and not the quagga package as distributed by Debian.
See How to fix? for Debian:9 relevant fixed versions and status.
bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface.
References
- http://www.quagga.net/news2.php?y=2006&m=5&d=4#id1146764580
- http://www.debian.org/security/2006/dsa-1059
- https://security-tracker.debian.org/tracker/CVE-2006-2276
- http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml
- http://lists.quagga.net/pipermail/quagga-dev/2006-March/004052.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10651
- http://securitytracker.com/id?1016204
- http://secunia.com/advisories/20116
- http://secunia.com/advisories/20137
- http://secunia.com/advisories/20138
- http://secunia.com/advisories/20221
- http://secunia.com/advisories/20420
- http://secunia.com/advisories/20421
- http://secunia.com/advisories/20782
- http://www.securityfocus.com/bid/17979
- ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
- http://www.ubuntulinux.org/support/documentation/usn/usn-284-1
- https://usn.ubuntu.com/284-1/
- http://www.osvdb.org/25245
- http://www.redhat.com/support/errata/RHSA-2006-0525.html
- http://www.redhat.com/support/errata/RHSA-2006-0533.html
CVSS Scores
version 3.1