Vulnerability & Exploit Database

Displaying entries 1 - 10 of 20 in total

Results for: CVE-2010-2949 Back to search

ELSA-2012-1259 Moderate: Oracle Linux quagga security update Vulnerability

  • Severity: 8
  • Published: October 10, 2011

Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4.

SUSE Linux Security Advisory: SUSE-SR:2010:022 Vulnerability

  • Severity: 8
  • Published: November 17, 2010

Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) ellipt...

USN-1027-1: Quagga vulnerabilities Vulnerability

  • Severity: 7
  • Published: September 10, 2010

Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF) record in a BGP ROUTE-REFRESH (RR) message.

SUSE Linux Security Vulnerability: CVE-2010-2949 Vulnerability

  • Severity: 5
  • Published: September 10, 2010

bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.

Oracle Solaris 11: CVE-2010-2949: Vulnerability in Quagga Vulnerability

  • Severity: 5
  • Published: September 10, 2010

bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.

RHSA-2010:0945: quagga security update Vulnerability

  • Severity: 7
  • Published: September 10, 2010

Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemonimplements the BGP (Border Gateway Protocol) routing protocol.A stack-based buffer overflow flaw was found in the way the Quagga bgpddaemon processed certain BGP Route Refresh (RR) messages. A configured BGPpeer could send a specially-crafted BGP message, causing bgpd...

ELSA-2010-0945 Moderate: Oracle Linux quagga security update Vulnerability

  • Severity: 7
  • Published: September 10, 2010

Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF) record in a BGP ROUTE-REFRESH (RR) message.

Gentoo Linux: CVE-2010-2949: Quagga: Multiple vulnerabilities Vulnerability

  • Severity: 5
  • Published: September 10, 2010

bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.

USN-903-1: OpenOffice.org vulnerabilities Vulnerability

  • Severity: 9
  • Published: February 16, 2010

OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.

SUSE Linux Security Advisory: SUSE-SA:2010:017 Vulnerability

  • Severity: 9
  • Published: February 16, 2010

OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.