{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-10-29T00:00:00", "descriptions": [{"lang": "en", "value": "The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-03T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugs.debian.org/879474"}, {"tags": ["x_refsource_MISC"], "url": "http://download.savannah.gnu.org/releases/quagga/quagga-1.2.2.changelog.txt"}, {"name": "DSA-4011", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-4011"}, {"tags": ["x_refsource_MISC"], "url": "https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008"}, {"tags": ["x_refsource_MISC"], "url": "https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-16227", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugs.debian.org/879474", "refsource": "MISC", "url": "https://bugs.debian.org/879474"}, {"name": "http://download.savannah.gnu.org/releases/quagga/quagga-1.2.2.changelog.txt", "refsource": "MISC", "url": "http://download.savannah.gnu.org/releases/quagga/quagga-1.2.2.changelog.txt"}, {"name": "DSA-4011", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-4011"}, {"name": "https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008", "refsource": "MISC", "url": "https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008"}, {"name": "https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html", "refsource": "MISC", "url": "https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T20:20:04.858Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.debian.org/879474"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://download.savannah.gnu.org/releases/quagga/quagga-1.2.2.changelog.txt"}, {"name": "DSA-4011", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2017/dsa-4011"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-16227", "datePublished": "2017-10-29T20:00:00", "dateReserved": "2017-10-29T00:00:00", "dateUpdated": "2024-08-05T20:20:04.858Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*", "matchCriteriaId": "8A77B501-67FE-43AE-9A3B-53B9DF5865C9", "versionEndIncluding": "1.2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message."}, {"lang": "es", "value": "La funci\u00f3n aspath_put en bgpd/bgp_aspath.c en Quagga en versiones anteriores a la 1.2.2 permite que los atacantes remotos provoquen una denegaci\u00f3n de servicio (ca\u00edda de sesi\u00f3n) mediante mensajes BGP Update, ya que el c\u00e1lculo del tama\u00f1o de AS_PATH cuanta una serie de bytes dos veces y en consecuencia construye un menaje no v\u00e1lido."}], "id": "CVE-2017-16227", "lastModified": "2017-11-18T16:16:50.310", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-29T20:29:00.207", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://download.savannah.gnu.org/releases/quagga/quagga-1.2.2.changelog.txt"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://www.debian.org/security/2017/dsa-4011"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.debian.org/879474"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "quagga: Incorrect AS_PATH size calculation for long paths", "id": "1509291", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509291"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.7", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-682", "details": ["The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message.", "A denial of service flaw was found in the way the bgpd daemon in Quagga handled the processing of large BGP update messages. A remote, previously trusted attacker could potentially use this flaw to cause bgpd to terminate existing BGP sessions, thereby leading to denial of service."], "name": "CVE-2017-16227", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "quagga", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "quagga", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "quagga", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2017-10-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-16227\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-16227"], "threat_severity": "Moderate", "upstream_fix": "quagga 1.2.2"}