Details of VAR-201802-1049

ID

VAR-201802-1049

CVE

CVE-2018-5379

TITLE

Quagga bgpd is affected by multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#940439

DESCRIPTION

The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code. Quagga bgpd Contains several vulnerabilities: * Buffer overflow (CWE-119) - CVE-2018-5378 (Quagga-2018-0543) * Double memory release (CWE-415) - CVE-2018-5379 (Quagga-2018-1114) * Out of bounds read (CWE-125) - CVE-2018-5380 (Quagga-2018-1550) * Improper handling of incorrect syntactic constructs (CWE-228) - CVE-2018-5381 (Quagga-2018-1975) Detail is <a href="https://savannah.nongnu.org/forum/forum.php?forum_id=9095"target="blank"> Information provided by the developer </a> Please refer to.The expected impact depends on each vulnerability, but remote code execution, information leakage, service operation interruption by a remote third party (DoS) An attack could be made. Quagga is prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause a denial-of-service condition. Versions prior to Quagga 1.2.3 are vulnerable. A configured peer can take advantage of this flaw to cause a denial of service (bgpd daemon not responding to any other events; BGP sessions will drop and not be reestablished; unresponsive CLI interface). https://www.quagga.net/security/Quagga-2018-1975.txt For the oldstable distribution (jessie), these problems have been fixed in version 0.99.23.1-1+deb8u5. For the stable distribution (stretch), these problems have been fixed in version 1.1.1-3+deb9u2. We recommend that you upgrade your quagga packages. For the detailed security status of quagga please refer to its security tracker page at: https://security-tracker.debian.org/tracker/quagga Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlqGBaVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RpyRAAhVpntFw+LSUUzL2/cx7m+s4fHijhOkU/AjKKmW4a9rAi0iJYW4HNv5BU cKfz6yhngFUzCa+Glhmiwzt77eAoeksJSvxkKio5CTqjV3OxCWbDPPz/iRRHcKvK MGhnqyShMCF8boQU0plmqNbfhnSWNAObbaI2fPmjLOU4A4jPY1T/fbzu4Sd3k5qY ETeHq9+HlVdGnyNEoYnoO0XQH56ueNHy3VlChJ0S2OPtFtoKXkjM/er+yG6413+G 3e90tcbm2xlitmrTyZm9K/Q08UWLJx510n1rxehaO1DTEz+bqSNezySOhyNb8sTA fuadDpgs2ozwgSmxyuWFj0RL3fKvgycw1ZeNiS5nUmRJTobrPlnjyX+A8FEJhPuI 9xyVa8j6wUeBVZdgd9b/EWLQ1Z9oDRiXmHRJeVOtz4JRNPP1KLtBcsPxFW9eCp83 9gFMqk/vMYQSpRqtQdnl5OawEpeurMtusBsnlEV5y9afiHU9jKB8N7RPwxCJgtjP /jmhS4lOvn3F5lNILahaL3lrk/b0EsECajBltbN9YVU0yabWWRWSMrJ3ujamhaXE aUQKmVj1alwDyg90vToiUftdr3R0hPPFuzA0BAK55SJVzjwJ2XInzItr+2y1tMPn dSpd32tzrxpDm86rvmRIiAJbj28n7QnX9I9BlKZqWq2fUUhTkNg= =Gy8j -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: quagga security update Advisory ID: RHSA-2018:0377-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0377 Issue date: 2018-02-28 CVE Names: CVE-2018-5379 ===================================================================== 1. Summary: An update for quagga is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le 3. Description: The quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector. Security Fix(es): * quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code (CVE-2018-5379) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Quagga project for reporting this issue. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the bgpd daemon must be restarted for the update to take effect. 5. Package List: Red Hat Enterprise Linux Server (v. 7): Source: quagga-0.99.22.4-5.el7_4.src.rpm ppc64: quagga-0.99.22.4-5.el7_4.ppc.rpm quagga-0.99.22.4-5.el7_4.ppc64.rpm quagga-debuginfo-0.99.22.4-5.el7_4.ppc.rpm quagga-debuginfo-0.99.22.4-5.el7_4.ppc64.rpm ppc64le: quagga-0.99.22.4-5.el7_4.ppc64le.rpm quagga-debuginfo-0.99.22.4-5.el7_4.ppc64le.rpm s390x: quagga-0.99.22.4-5.el7_4.s390.rpm quagga-0.99.22.4-5.el7_4.s390x.rpm quagga-debuginfo-0.99.22.4-5.el7_4.s390.rpm quagga-debuginfo-0.99.22.4-5.el7_4.s390x.rpm x86_64: quagga-0.99.22.4-5.el7_4.i686.rpm quagga-0.99.22.4-5.el7_4.x86_64.rpm quagga-debuginfo-0.99.22.4-5.el7_4.i686.rpm quagga-debuginfo-0.99.22.4-5.el7_4.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7): Source: quagga-0.99.22.4-5.el7_4.src.rpm aarch64: quagga-0.99.22.4-5.el7_4.aarch64.rpm quagga-debuginfo-0.99.22.4-5.el7_4.aarch64.rpm ppc64le: quagga-0.99.22.4-5.el7_4.ppc64le.rpm quagga-debuginfo-0.99.22.4-5.el7_4.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: quagga-contrib-0.99.22.4-5.el7_4.ppc64.rpm quagga-debuginfo-0.99.22.4-5.el7_4.ppc.rpm quagga-debuginfo-0.99.22.4-5.el7_4.ppc64.rpm quagga-devel-0.99.22.4-5.el7_4.ppc.rpm quagga-devel-0.99.22.4-5.el7_4.ppc64.rpm ppc64le: quagga-contrib-0.99.22.4-5.el7_4.ppc64le.rpm quagga-debuginfo-0.99.22.4-5.el7_4.ppc64le.rpm quagga-devel-0.99.22.4-5.el7_4.ppc64le.rpm s390x: quagga-contrib-0.99.22.4-5.el7_4.s390x.rpm quagga-debuginfo-0.99.22.4-5.el7_4.s390.rpm quagga-debuginfo-0.99.22.4-5.el7_4.s390x.rpm quagga-devel-0.99.22.4-5.el7_4.s390.rpm quagga-devel-0.99.22.4-5.el7_4.s390x.rpm x86_64: quagga-contrib-0.99.22.4-5.el7_4.x86_64.rpm quagga-debuginfo-0.99.22.4-5.el7_4.i686.rpm quagga-debuginfo-0.99.22.4-5.el7_4.x86_64.rpm quagga-devel-0.99.22.4-5.el7_4.i686.rpm quagga-devel-0.99.22.4-5.el7_4.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7): aarch64: quagga-contrib-0.99.22.4-5.el7_4.aarch64.rpm quagga-debuginfo-0.99.22.4-5.el7_4.aarch64.rpm quagga-devel-0.99.22.4-5.el7_4.aarch64.rpm ppc64le: quagga-contrib-0.99.22.4-5.el7_4.ppc64le.rpm quagga-debuginfo-0.99.22.4-5.el7_4.ppc64le.rpm quagga-devel-0.99.22.4-5.el7_4.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: quagga-0.99.22.4-5.el7_4.src.rpm x86_64: quagga-0.99.22.4-5.el7_4.i686.rpm quagga-0.99.22.4-5.el7_4.x86_64.rpm quagga-debuginfo-0.99.22.4-5.el7_4.i686.rpm quagga-debuginfo-0.99.22.4-5.el7_4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: quagga-contrib-0.99.22.4-5.el7_4.x86_64.rpm quagga-debuginfo-0.99.22.4-5.el7_4.i686.rpm quagga-debuginfo-0.99.22.4-5.el7_4.x86_64.rpm quagga-devel-0.99.22.4-5.el7_4.i686.rpm quagga-devel-0.99.22.4-5.el7_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-5379 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFalvS5XlSAg2UNWIIRAt2VAJoDHq+b03wv2cXdpBivxT/zOAniAQCgkE2/ WD9+DkKEg1eZpmyT0FyyN8s= =NOHT -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201804-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Quagga: Multiple vulnerabilities Date: April 22, 2018 Bugs: #647788 ID: 201804-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Quagga, the worst of which could allow remote attackers to execute arbitrary code. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/quagga < 1.2.4 >= 1.2.4 Description =========== Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Quagga users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/quagga-1.2.4" References ========== [ 1 ] CVE-2018-5378 https://nvd.nist.gov/vuln/detail/CVE-2018-5378 [ 2 ] CVE-2018-5379 https://nvd.nist.gov/vuln/detail/CVE-2018-5379 [ 3 ] CVE-2018-5380 https://nvd.nist.gov/vuln/detail/CVE-2018-5380 [ 4 ] CVE-2018-5381 https://nvd.nist.gov/vuln/detail/CVE-2018-5381 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201804-17 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================== Ubuntu Security Notice USN-3573-1 February 16, 2018 quagga vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Quagga. (CVE-2018-5379) It was discovered that the Quagga BGP daemon did not properly bounds check the data sent with a NOTIFY to a peer. This issue only affected Ubuntu 17.10. (CVE-2018-5378) It was discovered that a table overrun vulnerability existed in the Quagga BGP daemon. (CVE-2018-5380) It was discovered that the Quagga BGP daemon in some configurations did not properly handle invalid OPEN messages. (CVE-2018-5381) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.10: quagga 1.1.1-3ubuntu0.2 quagga-bgpd 1.1.1-3ubuntu0.2 Ubuntu 16.04 LTS: quagga 0.99.24.1-2ubuntu1.4 Ubuntu 14.04 LTS: quagga 0.99.22.4-3ubuntu1.5 After a standard system update you need to restart Quagga to make all the necessary changes

Trust: 3.06

sources: NVD: CVE-2018-5379 // CERT/CC: VU#940439 // JVNDB: JVNDB-2018-001492 // BID: 103105 // VULMON: CVE-2018-5379 // PACKETSTORM: 146416 // PACKETSTORM: 146610 // PACKETSTORM: 147305 // PACKETSTORM: 146410

AFFECTED PRODUCTS

vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.6
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.6
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	7.6	Trust: 1.0
vendor:	redhat	model:	enterprise linux server eus	scope:	eq	version:	7.5	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	14.04	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	7.4	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	17.10	Trust: 1.0
vendor:	quagga	model:	quagga	scope:	lte	version:	1.2.2	Trust: 1.0
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	7.6	Trust: 1.0
vendor:	siemens	model:	ruggedcom rox ii	scope:	lt	version:	2.13.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	7.4	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	7.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	7.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux server eus	scope:	eq	version:	7.6	Trust: 1.0
vendor:	redhat	model:	enterprise linux server eus	scope:	eq	version:	7.4	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	7.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	debian gnu linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	suse linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ubuntu	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	quagga	model:	quagga	scope:	lt	version:	1.2.3 earlier	Trust: 0.8
vendor:	siemens	model:	ruggedcom rox ii	scope:	eq	version:	2.9	Trust: 0.3
vendor:	siemens	model:	ruggedcom rox ii	scope:	eq	version:	2.12	Trust: 0.3
vendor:	siemens	model:	ruggedcom rox ii	scope:	eq	version:	2.11	Trust: 0.3
vendor:	siemens	model:	ruggedcom rox ii	scope:	eq	version:	2.10	Trust: 0.3
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	5	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	1.2.1	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	1.2	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	1.1.1	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	1.1	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	1.0.20160309	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.24	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.22	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.21	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.17	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.16	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.15	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.14	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.13	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.12	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.11	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.10	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.9	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.8	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.7	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.6	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.5	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.4	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.3	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.2	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.1	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.98.6	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.98.5	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.98.3	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.98.2	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.98.1	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.98	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.97.5	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.97.3	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.97.2	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.97.1	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.97	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.96.5	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.96.3	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.96.2	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	1.0.20161017	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	1.0	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.24.1	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.22.3	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.22.2	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.22.1	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.20.1	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.20	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.19	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.99.18	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.98.4	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.97.4	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.96.4	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.96.1	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.96	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.95	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	eq	version:	0.93	Trust: 0.3
vendor:	oracle	model:	solaris	scope:	eq	version:	11.3	Trust: 0.3
vendor:	siemens	model:	ruggedcom rox ii	scope:	ne	version:	2.13	Trust: 0.3
vendor:	quagga	model:	quagga	scope:	ne	version:	1.2.3	Trust: 0.3

sources: CERT/CC: VU#940439 // BID: 103105 // JVNDB: JVNDB-2018-001492 // CNNVD: CNNVD-201802-829 // NVD: CVE-2018-5379

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-5379
value:	CRITICAL
Trust: 1.0
cret@cert.org:	CVE-2018-5379
value:	HIGH
Trust: 1.0
JPCERT/CC:	JVNDB-2018-001492
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201802-829
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2018-5379
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-5379
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
JPCERT/CC:	JVNDB-2018-001492
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

nvd@nist.gov:	CVE-2018-5379
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.0
cret@cert.org:	CVE-2018-5379
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	5.9
version:	3.0
Trust: 1.0
JPCERT/CC:	JVNDB-2018-001492
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2018-5379 // JVNDB: JVNDB-2018-001492 // CNNVD: CNNVD-201802-829 // NVD: CVE-2018-5379 // NVD: CVE-2018-5379

PROBLEMTYPE DATA

problemtype:	CWE-415	Trust: 1.8
problemtype:	CWE-119	Trust: 0.8
problemtype:	CWE-125	Trust: 0.8
problemtype:	CWE-228	Trust: 0.8

sources: JVNDB: JVNDB-2018-001492 // NVD: CVE-2018-5379

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 147305 // PACKETSTORM: 146410 // CNNVD: CNNVD-201802-829

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201802-829

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-001492

PATCH

title:	AXSA:2018-2582:01	url:	https://tsn.miraclelinux.com/ja/node/9025	Trust: 0.8
title:	Quagga 1.2.3 Release, with significant BGP security fixes	url:	https://savannah.nongnu.org/forum/forum.php?forum_id=9095	Trust: 0.8
title:	不正なメッセージの受信によりBGP機能が停止する脆弱性	url:	http://www.seil.jp/support/security/a01864.html	Trust: 0.8
title:	Quagga BGP daemon Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90582	Trust: 0.6
title:	Red Hat: Important: quagga security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20180377 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: quagga vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3573-1	Trust: 0.1
title:	Red Hat: CVE-2018-5379	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2018-5379	Trust: 0.1
title:	Debian Security Advisories: DSA-4115-1 quagga -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=60039c87d27a61271ac8cea042fa360d	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2018-957	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2018-957	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=743274c8dcbded6c8c6a2fcbd1f712aa	Trust: 0.1
title:	Debian CVElist Bug Report Logs: quagga: CVE-2018-5378 CVE-2018-5379 CVE-2018-5380 CVE-2018-5381	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=4da9cc5babf3128084a3957af98f57a1	Trust: 0.1
title:	Oracle Linux Bulletins: Oracle Linux Bulletin - January 2018	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=f20bc19459353e30190c7e47d9da0c23	Trust: 0.1
title:	Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2018	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=72fe5ebf222112c8481815fd7cefc7af	Trust: 0.1

sources: VULMON: CVE-2018-5379 // JVNDB: JVNDB-2018-001492 // CNNVD: CNNVD-201802-829

EXTERNAL IDS

db:	CERT/CC	id:	VU#940439	Trust: 3.3
db:	NVD	id:	CVE-2018-5379	Trust: 3.2
db:	BID	id:	103105	Trust: 2.0
db:	ICS CERT	id:	ICSA-19-099-05	Trust: 1.8
db:	SIEMENS	id:	SSA-451142	Trust: 1.7
db:	JVN	id:	JVNVU95518305	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-001492	Trust: 0.8
db:	AUSCERT	id:	ESB-2019.1207	Trust: 0.6
db:	CNNVD	id:	CNNVD-201802-829	Trust: 0.6
db:	VULMON	id:	CVE-2018-5379	Trust: 0.1
db:	PACKETSTORM	id:	146416	Trust: 0.1
db:	PACKETSTORM	id:	146610	Trust: 0.1
db:	PACKETSTORM	id:	147305	Trust: 0.1
db:	PACKETSTORM	id:	146410	Trust: 0.1

sources: CERT/CC: VU#940439 // VULMON: CVE-2018-5379 // BID: 103105 // JVNDB: JVNDB-2018-001492 // PACKETSTORM: 146416 // PACKETSTORM: 146610 // PACKETSTORM: 147305 // PACKETSTORM: 146410 // CNNVD: CNNVD-201802-829 // NVD: CVE-2018-5379

REFERENCES

url:	http://www.kb.cert.org/vuls/id/940439	Trust: 2.6
url:	http://savannah.nongnu.org/forum/forum.php?forum_id=9095	Trust: 2.5
url:	https://www.debian.org/security/2018/dsa-4115	Trust: 2.5
url:	http://www.securityfocus.com/bid/103105	Trust: 2.3
url:	https://gogs.quagga.net/quagga/quagga/src/master/doc/security/quagga-2018-1114.txt	Trust: 2.0
url:	https://access.redhat.com/errata/rhsa-2018:0377	Trust: 1.9
url:	https://usn.ubuntu.com/3573-1/	Trust: 1.8
url:	https://security.gentoo.org/glsa/201804-17	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html	Trust: 1.7
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5379	Trust: 1.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5378	Trust: 1.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5380	Trust: 1.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5381	Trust: 1.1
url:	https://ics-cert.us-cert.gov/advisories/icsa-19-099-05	Trust: 1.0
url:	https://access.redhat.com/security/cve/cve-2018-5379	Trust: 1.0
url:	http://cwe.mitre.org/data/definitions/415.html	Trust: 0.9
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1542985	Trust: 0.9
url:	https://www.oracle.com/technetwork/topics/security/bulletinapr2018-4443185.html	Trust: 0.9
url:	http://cwe.mitre.org/data/definitions/119.html	Trust: 0.8
url:	http://cwe.mitre.org/data/definitions/125.html	Trust: 0.8
url:	http://cwe.mitre.org/data/definitions/228.html	Trust: 0.8
url:	http://lists.suse.com/pipermail/sle-security-updates/2018-february/003735.html	Trust: 0.8
url:	https://usn.ubuntu.com/usn/usn-3573-1/	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5381	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5378	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5379	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5380	Trust: 0.8
url:	https://www.us-cert.gov/ics/advisories/icsa-19-099-05	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu95518305/index.html	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/78746	Trust: 0.6
url:	https://tools.cisco.com/security/center/viewalert.x?alertid=57162	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.quagga.net/security/quagga-2018-0543.txt	Trust: 0.1
url:	https://www.quagga.net/security/quagga-2018-1975.txt	Trust: 0.1
url:	https://www.quagga.net/security/quagga-2018-1550.txt	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://www.quagga.net/security/quagga-2018-1114.txt	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/quagga	Trust: 0.1
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.1
url:	https://bugzilla.redhat.com/):	Trust: 0.1
url:	https://access.redhat.com/security/team/key/	Trust: 0.1
url:	https://access.redhat.com/articles/11258	Trust: 0.1
url:	https://access.redhat.com/security/team/contact/	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/quagga/1.1.1-3ubuntu0.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/quagga/0.99.22.4-3ubuntu1.5	Trust: 0.1
url:	https://www.ubuntu.com/usn/usn-3573-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/quagga/0.99.24.1-2ubuntu1.4	Trust: 0.1

CREDITS

The vendor reported this issue.,Siemens reported these vulnerabilities to NCCIC.

Trust: 0.6

sources: CNNVD: CNNVD-201802-829

SOURCES

db:	CERT/CC	id:	VU#940439
db:	VULMON	id:	CVE-2018-5379
db:	BID	id:	103105
db:	JVNDB	id:	JVNDB-2018-001492
db:	PACKETSTORM	id:	146416
db:	PACKETSTORM	id:	146610
db:	PACKETSTORM	id:	147305
db:	PACKETSTORM	id:	146410
db:	CNNVD	id:	CNNVD-201802-829
db:	NVD	id:	CVE-2018-5379

LAST UPDATE DATE

2024-11-23T22:12:39.749000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#940439	date:	2018-02-19T00:00:00
db:	VULMON	id:	CVE-2018-5379	date:	2019-10-09T00:00:00
db:	BID	id:	103105	date:	2019-04-10T11:00:00
db:	JVNDB	id:	JVNDB-2018-001492	date:	2019-07-08T00:00:00
db:	CNNVD	id:	CNNVD-201802-829	date:	2019-04-19T00:00:00
db:	NVD	id:	CVE-2018-5379	date:	2024-11-21T04:08:41.997

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#940439	date:	2018-02-15T00:00:00
db:	VULMON	id:	CVE-2018-5379	date:	2018-02-19T00:00:00
db:	BID	id:	103105	date:	2018-02-15T00:00:00
db:	JVNDB	id:	JVNDB-2018-001492	date:	2018-02-21T00:00:00
db:	PACKETSTORM	id:	146416	date:	2018-02-16T14:36:28
db:	PACKETSTORM	id:	146610	date:	2018-02-28T23:24:22
db:	PACKETSTORM	id:	147305	date:	2018-04-23T20:02:00
db:	PACKETSTORM	id:	146410	date:	2018-02-15T23:25:00
db:	CNNVD	id:	CNNVD-201802-829	date:	2018-02-19T00:00:00
db:	NVD	id:	CVE-2018-5379	date:	2018-02-19T13:29:00.413