openSUSE Security Update : quagga (openSUSE-SU-2011:1155-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update fixes the following security issues :

- 718056: OSPF6D buffer overflow while decoding Link State
Update with Inter Area Prefix Lsa (CVE-2011-3323)

- 718058: OSPF6D DoS while decoding Database Description
packet (CVE-2011-3324)

- 718059: OSPFD DoS while decoding Hello packet
(CVE-2011-3325)

- 718061: OSPFD DoS while decoding Link State Update
(CVE-2011-3326)

- 718062: DoS while decoding EXTENDED_COMMUNITIES in
Quagga's BGP (CVE-2011-3327)

See also :

http://lists.opensuse.org/opensuse-updates/2011-10/msg00021.html
https://bugzilla.novell.com/show_bug.cgi?id=718056
https://bugzilla.novell.com/show_bug.cgi?id=718058
https://bugzilla.novell.com/show_bug.cgi?id=718059
https://bugzilla.novell.com/show_bug.cgi?id=718061
https://bugzilla.novell.com/show_bug.cgi?id=718062

Solution :

Update the affected quagga packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 76007 ()

Bugtraq ID:

CVE ID: CVE-2011-3323
CVE-2011-3324
CVE-2011-3325
CVE-2011-3326
CVE-2011-3327

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now