Launchpad.net

CVE 2012-1820

The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.

Related bugs and status

CVE-2012-1820 (Candidate) is related to these bugs:

Bug #1018052: quagga security issue CVE-2012-1820

		In	Importance	Status
1018052	quagga security issue CVE-2012-1820	quagga (Ubuntu)	Low	Fix Released
1018052	quagga security issue CVE-2012-1820	quagga (Ubuntu Lucid)	Low	Fix Released
1018052	quagga security issue CVE-2012-1820	quagga (Ubuntu Natty)	Low	Fix Released
1018052	quagga security issue CVE-2012-1820	quagga (Ubuntu Oneiric)	Low	Fix Released
1018052	quagga security issue CVE-2012-1820	quagga (Ubuntu Precise)	Low	Fix Released
1018052	quagga security issue CVE-2012-1820	quagga (Ubuntu Quantal)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

CERT-VN: VU#962587
DEBIAN: DSA-2497
UBUNTU: USN-1605-1
REDHAT: RHSA-2012:1259
BID: 53775
SECUNIA: 50941