Detections
Analytics
SuSE 11 / 11.1 Security Update : quagga (SAT Patch Numbers 3535 / 3536)
medium Nessus Plugin ID 50960
Language:
Synopsis
The remote SuSE 11 host is missing a security update.Description
This update of quagga fixes two security issues :- Stack-based buffer overflow while processing malformed Route-Refresh messages. (CVE-2010-2948: CVSS v2 Base Score: 6.5 (MEDIUM) (AV:N/AC:L/Au:S/C:P/I:P/A:P))
- Denial of service while processing malformed BGP update AS path messages. (CVE-2010-2949: CVSS v2 Base Score:
5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P))
Solution
Apply SAT patch number 3535 / 3536 as appropriate.See Also
https://bugzilla.novell.com/show_bug.cgi?id=634300
Plugin Details
Severity: Medium
ID: 50960
File Name: suse_11_quagga-101115.nasl
Version: 1.9
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 12/2/2010
Updated: 1/14/2021
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 6.5
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:11:quagga, cpe:/o:novell:suse_linux:11
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 11/15/2010
Reference Information
CVE: CVE-2010-2948, CVE-2010-2949