Your submission was sent successfully! Close

USN-775-1: Quagga vulnerability

12 May 2009

Quagga vulnerability

Releases

Packages

Details

It was discovered that the BGP service in Quagga did not correctly
handle certain AS paths containing 4-byte ASNs. An authenticated remote
attacker could exploit this flaw to cause bgpd to abort, leading to a
denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.04
Ubuntu 8.10
Ubuntu 8.04
Ubuntu 6.06

In general, a standard system upgrade is sufficient to effect the
necessary changes.

References