Quagga BGPD 本地拒绝服务漏洞

CNNVD-ID编号 CNNVD-200605-151
CVE编号 CVE-2006-2276
发布时间 2006-05-09
更新时间 2006-05-10
漏洞类型 资源管理错误
漏洞来源 This issue was disclosed by Fredrik Widell.
危险等级 中危
威胁类型 本地
厂 商 quagga

漏洞介绍

Quagga 0.98和0.99 20060504之前版本中的bgpd可以使本地用户借助在telnet接口中输入的sh ip bgp命令,引起拒绝服务(CPU损耗)。

漏洞补丁

目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接: Quagga Quagga Routing Software Suite 0.98.3 Debian quagga_0.98.3-7.2_alpha.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_alpha.deb Debian quagga_0.98.3-7.2_amd64.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_amd64.deb Debian quagga_0.98.3-7.2_arm.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_arm.deb Debian quagga_0.98.3-7.2_hppa.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_hppa.deb Debian quagga_0.98.3-7.2_i386.deb7.2_arm.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.http ://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_i3 86.deb7.2_arm.deb Debian quagga_0.98.3-7.2_ia64.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_ia64.deb Debian quagga_0.98.3-7.2_m68k.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_m68k.deb Debian quagga_0.98.3-7.2_mips.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_mips.deb Debian quagga_0.98.3-7.2_mipsel.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_mipsel.deb Debian quagga_0.98.3-7.2_powerpc.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_powerpc.deb Debian quagga_0.98.3-7.2_s390.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_s390.deb Debian quagga_0.98.3-7.2_sparc.debDebian GNU/Linux 3.1 alias sarge http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7. 2_sparc.deb Quagga quagga-0.98.6.tar.gz http://www.quagga.net/download/quagga-0.98.6.tar.gz

参考网址

受影响实体

信息来源