Summary
Ubuntu Update for Linux kernel vulnerabilities USN-1261-1
Solution
Please Install the Updated Packages.
Insight
Riku Hietamä
ki, Tuomo Untinen and Jukka Taimisto discovered that Quagga incorrectly handled Link State Update messages with invalid lengths. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. (CVE-2011-3323)
Riku Hietamä
ki, Tuomo Untinen and Jukka Taimisto discovered that Quagga incorrectly handled certain IPv6 Database Description messages. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. (CVE-2011-3324)
Riku Hietamä
ki, Tuomo Untinen and Jukka Taimisto discovered that Quagga incorrectly handled certain IPv4 packets. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.
(CVE-2011-3325)
Riku Hietamä
ki, Tuomo Untinen and Jukka Taimisto discovered that Quagga incorrectly handled invalid Link State Advertisement (LSA) types. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. (CVE-2011-3326)
Riku Hietamä
ki, Tuomo Untinen and Jukka Taimisto discovered that Quagga incorrectly handled certain BGP UPDATE messages. A remote attacker could use this flaw to cause Quagga to crash, or possibly execute arbitrary code. (CVE-2011-3327)
Affected
quagga on Ubuntu 11.04 ,
Ubuntu 10.10 ,
Ubuntu 10.04 LTS
Severity
Classification
-
CVE CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, CVE-2011-3326, CVE-2011-3327 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities