Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades.
http://www.quagga.net/news2.php?y=2011&m=3&d=21#id1300723200 http://www.vuxml.org/freebsd/b2a40507-5c88-11e0-9e85-00215af774f0.html
Insight
The following package is affected: quagga
CVE-2010-1674
The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute.
CVE-2010-1675
bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute.
Severity
Classification
-
CVE CVE-2010-1674, CVE-2010-1675 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities