Sign-up

ID

VAR-201807-0268


CVE

CVE-2017-3224


TITLE

Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency

Trust: 0.8

sources: CERT/CC: VU#793496

DESCRIPTION

Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a 'newer' LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. CVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages). Attackers with the ability to transmit messages from a routing domain router may send specially crafted OSPF messages to poison routing tables within the domain. Quagga Contains vulnerabilities related to insufficient validation of data reliability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Quagga is a routing software suite developed by US software developer Kunihiro Ishiguro. The kit implements OSPFv2, OSPFv3, and RIPv1/v2 protocols on multiple platforms, and provides functions such as route redistribution and route mapping. A denial of service vulnerability exists in Quagga. Exploiting this issue allows remote attackers to cause a denial-of-service condition

Trust: 3.15

sources: NVD: CVE-2017-3224 // CERT/CC: VU#793496 // JVNDB: JVNDB-2017-014163 // CNVD: CNVD-2017-35374 // BID: 100134

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-35374

AFFECTED PRODUCTS

vendor:quaggamodel:quaggascope:eqversion: -

Trust: 1.9

vendor:quaggamodel:quaggascope: - version: -

Trust: 1.4

vendor:susemodel:opensusescope:eqversion: -

Trust: 1.0

vendor:redhatmodel:package managerscope:eqversion: -

Trust: 1.0

vendor:susemodel:linuxscope:eqversion: -

Trust: 1.0

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:lenovomodel: - scope: - version: -

Trust: 0.8

vendor:quaggamodel: - scope: - version: -

Trust: 0.8

vendor:red hatmodel: - scope: - version: -

Trust: 0.8

vendor:suse linuxmodel: - scope: - version: -

Trust: 0.8

vendor:opensusemodel: - scope: - version: -

Trust: 0.8

vendor:susemodel:opensusescope: - version: -

Trust: 0.8

vendor:susemodel:linuxscope: - version: -

Trust: 0.8

vendor:red hatmodel:package managerscope: - version: -

Trust: 0.8

vendor:redhatmodel:enterprise linuxscope:eqversion:7

Trust: 0.3

vendor:redhatmodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linuxscope:eqversion:5

Trust: 0.3

sources: CERT/CC: VU#793496 // CNVD: CNVD-2017-35374 // BID: 100134 // JVNDB: JVNDB-2017-014163 // CNNVD: CNNVD-201708-153 // NVD: CVE-2017-3224

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-3224
value: HIGH

Trust: 1.0

NVD: CVE-2017-3224
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-35374
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201708-153
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2017-3224
severity: MEDIUM
baseScore: 4.3
vectorString: AV:A/AC:M/AU:N/C:N/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-35374
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2017-3224
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H
attackVector: ADJACENT
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 6.0
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-35374 // JVNDB: JVNDB-2017-014163 // CNNVD: CNNVD-201708-153 // NVD: CVE-2017-3224

PROBLEMTYPE DATA

problemtype:CWE-345

Trust: 1.8

problemtype:CWE-354

Trust: 1.0

sources: JVNDB: JVNDB-2017-014163 // NVD: CVE-2017-3224

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201708-153

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-201708-153

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-014163

PATCH
title:Top Pageurl:https://www.quagga.net/
Trust: 0.8
title:Top Pageurl:https://access.redhat.com/
Trust: 0.8
title:トップページurl:https://www.suse.com/ja-jp/
Trust: 0.8
title:Patch for Quagga Denial of Service Vulnerability (CNVD-2017-35374)url:https://www.cnvd.org.cn/patchInfo/show/106873
Trust: 0.6
title:Quagga Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74825
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-35374 // 
            
            
            
            JVNDB: JVNDB-2017-014163 // 
            
            
            
            CNNVD: CNNVD-201708-153

EXTERNAL IDS
db:CERT/CCid:VU#793496
Trust: 4.1
db:NVDid:CVE-2017-3224
Trust: 3.3
db:LENOVOid:LEN-14078
Trust: 0.8
db:JVNid:JVNVU93329670
Trust: 0.8
db:JVNDBid:JVNDB-2017-014163
Trust: 0.8
db:CNVDid:CNVD-2017-35374
Trust: 0.6
db:CNNVDid:CNNVD-201708-153
Trust: 0.6
db:BIDid:100134
Trust: 0.3
sources:
            
            
            CERT/CC: VU#793496 // 
            
            
            
            CNVD: CNVD-2017-35374 // 
            
            
            
            BID: 100134 // 
            
            
            
            JVNDB: JVNDB-2017-014163 // 
            
            
            
            CNNVD: CNNVD-201708-153 // 
            
            
            
            NVD: CVE-2017-3224

REFERENCES
url:https://www.kb.cert.org/vuls/id/793496
Trust: 3.3
url:https://cwe.mitre.org/data/definitions/354.html
Trust: 0.8
url:https://en.wikipedia.org/wiki/open_shortest_path_first
Trust: 0.8
url:https://www.ietf.org/rfc/rfc2328.txt
Trust: 0.8
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170727-ospf
Trust: 0.8
url:https://support.lenovo.com/us/en/product_security/len-14078
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3224
Trust: 0.8
url:http://jvn.jp/vu/jvnvu93329670/index.html
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-3224
Trust: 0.8
url:https://bugzilla.redhat.com/show_bug.cgi?id=1472873
Trust: 0.3
url:http://www.quagga.net/
Trust: 0.3
url:https://access.redhat.com/security/cve/cve-2017-3224
Trust: 0.3
sources:
            
            
            CERT/CC: VU#793496 // 
            
            
            
            CNVD: CNVD-2017-35374 // 
            
            
            
            BID: 100134 // 
            
            
            
            JVNDB: JVNDB-2017-014163 // 
            
            
            
            CNNVD: CNNVD-201708-153 // 
            
            
            
            NVD: CVE-2017-3224

CREDITS
and Gabi Nakibly,Adi Sosnovich, Orna Grumberg
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201708-153

SOURCES
db:CERT/CCid:VU#793496
db:CNVDid:CNVD-2017-35374
db:BIDid:100134
db:JVNDBid:JVNDB-2017-014163
db:CNNVDid:CNNVD-201708-153
db:NVDid:CVE-2017-3224

LAST UPDATE DATE
2024-11-23T22:00:54.410000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#793496date:2017-10-18T00:00:00
db:CNVDid:CNVD-2017-35374date:2017-11-29T00:00:00
db:BIDid:100134date:2017-07-27T00:00:00
db:JVNDBid:JVNDB-2017-014163date:2018-10-31T00:00:00
db:CNNVDid:CNNVD-201708-153date:2019-10-17T00:00:00
db:NVDid:CVE-2017-3224date:2024-11-21T03:25:04.350

SOURCES RELEASE DATE
db:CERT/CCid:VU#793496date:2017-07-27T00:00:00
db:CNVDid:CNVD-2017-35374date:2017-11-29T00:00:00
db:BIDid:100134date:2017-07-27T00:00:00
db:JVNDBid:JVNDB-2017-014163date:2018-10-31T00:00:00
db:CNNVDid:CNNVD-201708-153date:2017-07-27T00:00:00
db:NVDid:CVE-2017-3224date:2018-07-24T15:29:00.890