Back to bug 1316571
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Andrej Nemec | 2016-03-10 14:04:19 UTC | Depends On | 1316572 | |
| Andrej Nemec | 2016-03-10 14:05:49 UTC | Blocks | 1316575 | |
| Andrej Nemec | 2016-03-14 10:44:02 UTC | Alias | CVE-2016-2342 | |
| Andrej Nemec | 2016-03-14 10:44:06 UTC | Summary | quagga: VPNv4 NLRI parses memcpys to stack on unchecked length | CVE-2016-2342 quagga: VPNv4 NLRI parses memcpys to stack on unchecked length |
| Andrej Nemec | 2016-03-14 10:44:54 UTC | Whiteboard | impact=moderate,public=20160309,reported=20160309,source=internet,cvss2=5.4/AV:A/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-20,fedora-all/quagga=affected,rhel-5/quagga=affected,rhel-6/quagga=affected,rhel-7/quagga=affected | impact=moderate,public=20160309,reported=20160309,source=internet,cvss2=5.4/AV:A/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-121,fedora-all/quagga=affected,rhel-5/quagga=affected,rhel-6/quagga=affected,rhel-7/quagga=affected |
| Salvatore Bonaccorso | 2016-03-24 15:47:32 UTC | CC | carnil | |
| Dhiru Kholia | 2016-05-26 07:31:52 UTC | CC | dkholia | |
| Summary | CVE-2016-2342 quagga: VPNv4 NLRI parses memcpys to stack on unchecked length | CVE-2016-2342 quagga: VPNv4 NLRI parser memcpys to stack on unchecked length | ||
| Dhiru Kholia | 2016-05-27 05:56:41 UTC | Whiteboard | impact=moderate,public=20160309,reported=20160309,source=internet,cvss2=5.4/AV:A/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-121,fedora-all/quagga=affected,rhel-5/quagga=affected,rhel-6/quagga=affected,rhel-7/quagga=affected | impact=moderate,public=20160309,reported=20160309,source=internet,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,cwe=CWE-121,fedora-all/quagga=affected,rhel-5/quagga=affected,rhel-6/quagga=affected,rhel-7/quagga=affected |
| Dhiru Kholia | 2016-05-27 07:48:55 UTC | Whiteboard | impact=moderate,public=20160309,reported=20160309,source=internet,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,cwe=CWE-121,fedora-all/quagga=affected,rhel-5/quagga=affected,rhel-6/quagga=affected,rhel-7/quagga=affected | impact=moderate,public=20160309,reported=20160309,source=internet,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,cwe=CWE-121,fedora-all/quagga=affected,rhel-5/quagga=wontfix,rhel-6/quagga=wontfix,rhel-7/quagga=wontfix |
| Dhiru Kholia | 2016-05-27 08:57:48 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2016-05-27 04:57:48 UTC | |||
| Adam Mariš | 2016-11-04 11:18:13 UTC | Whiteboard | impact=moderate,public=20160309,reported=20160309,source=internet,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,cwe=CWE-121,fedora-all/quagga=affected,rhel-5/quagga=wontfix,rhel-6/quagga=wontfix,rhel-7/quagga=wontfix | impact=moderate,public=20160309,reported=20160309,source=internet,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,cwe=CWE-121,fedora-all/quagga=affected,rhel-5/quagga=wontfix,rhel-6/quagga=affected,rhel-7/quagga=wontfix |
| Adam Mariš | 2016-11-04 11:18:58 UTC | Depends On | 1391916 | |
| Dhiru Kholia | 2016-11-07 06:36:46 UTC | Blocks | 1386080 | |
| Dhiru Kholia | 2017-03-02 10:52:35 UTC | Doc Text | A stack-based buffer overflow flaw was found in the Quagga BGP routing daemon (bgpd). A remote attacker could use this flaw to crash the bgpd daemon resulting in denial of service. | |
| Dhiru Kholia | 2017-03-02 10:52:58 UTC | Status | CLOSED | NEW |
| Resolution | WONTFIX | --- | ||
| Keywords | Reopened | |||
| Dhiru Kholia | 2017-03-02 11:00:03 UTC | Doc Text | A stack-based buffer overflow flaw was found in the Quagga BGP routing daemon (bgpd). A remote attacker could use this flaw to crash the bgpd daemon resulting in denial of service. | A stack-based buffer overflow flaw was found in the way the Quagga BGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A remote attacker could use this flaw to crash the bgpd daemon resulting in denial of service. |
| Dhiru Kholia | 2017-03-17 04:34:50 UTC | CC | mruprich | |
| Whiteboard | impact=moderate,public=20160309,reported=20160309,source=internet,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,cwe=CWE-121,fedora-all/quagga=affected,rhel-5/quagga=wontfix,rhel-6/quagga=affected,rhel-7/quagga=wontfix | impact=moderate,public=20160309,reported=20160309,source=internet,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-121,fedora-all/quagga=affected,rhel-5/quagga=wontfix,rhel-6/quagga=affected,rhel-7/quagga=wontfix | ||
| PnT Account Manager | 2018-03-29 21:58:59 UTC | CC | dkholia | |
| Product Security DevOps Team | 2019-06-08 02:49:36 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-05-27 08:57:48 UTC | 2019-06-08 02:49:36 UTC | ||
| Product Security DevOps Team | 2019-09-29 13:45:56 UTC | Whiteboard | impact=moderate,public=20160309,reported=20160309,source=internet,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-121,fedora-all/quagga=affected,rhel-5/quagga=wontfix,rhel-6/quagga=affected,rhel-7/quagga=wontfix |
Back to bug 1316571