This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated Quagga packages that close a locally-exploitable denial of
service vulnerability are now available.
Quagga is an open source implementation of TCP/IP routing software.
Herbert Xu reported that Quagga can accept spoofed messages sent on
the kernel netlink interface by other users on the local machine. This
could lead to a local denial of service attack. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2003-0858 to this issue.
Users of Quagga should upgrade to these erratum packages, which
contain a patch that checks that netlink messages actually came from
the kernel. This erratum also includes quagga-devel and quagga-contrib
packages which were not originally shipped with Red Hat Enterprise
See also :
Update the affected quagga, quagga-contrib and / or quagga-devel
Risk factor :
Low / CVSS Base Score : 2.1
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12431 ()
CVE ID: CVE-2003-0858
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.