vulnerability
FreeBSD: VID-BF266183-CEC7-11E7-AF2D-2047478F2F70 (CVE-2017-15865): frr -- BGP Mishandled attribute length on Error
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Nov 8, 2017 | Nov 21, 2017 | May 7, 2019 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Nov 8, 2017
Added
Nov 21, 2017
Modified
May 7, 2019
Description
bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492).
Solution
freebsd-upgrade-package-frr
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.