This script is Copyright (C) 2010-2012 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
This update of quagga fixes two security issues :
- Stack-based buffer overflow while processing malformed
Route-Refresh messages. (CVE-2010-2948: CVSS v2 Base
Score: 6.5 (MEDIUM) (AV:N/AC:L/Au:S/C:P/I:P/A:P))
- Denial of service while processing malformed BGP update
AS path messages. (CVE-2010-2949: CVSS v2 Base Score:
5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P))
See also :
Apply ZYPP patch number 7237.
Risk factor :
Medium / CVSS Base Score : 6.5