Sign-up

ID

VAR-201911-0137


CVE

CVE-2012-5521


TITLE

quagga Reachable vulnerability in reachable

Trust: 0.8

sources: JVNDB: JVNDB-2012-006494

DESCRIPTION

quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal. quagga (ospf6d) Contains a vulnerability with reachable assertions.Service operation interruption (DoS) There is a possibility of being put into a state. Quagga is a routing software suite that implements multiple routing protocols on Unix platforms. A remote denial of service vulnerability exists in Quagga that affects the open shortest path priority of the IPv6 daemon (‘ospf6d’). A remote attacker could exploit the vulnerability to cause the daemon to crash and refuse to further serve legitimate users. There are vulnerabilities in Quagga 0.99.21 and other versions may be affected

Trust: 2.43

sources: NVD: CVE-2012-5521 // JVNDB: JVNDB-2012-006494 // CNVD: CNVD-2012-7900 // BID: 56530

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2012-7900

AFFECTED PRODUCTS

vendor:quaggamodel:quaggascope:eqversion:0.99.21

Trust: 2.7

vendor:redhatmodel:enterprise linuxscope:eqversion:5.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:6.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope: - version: -

Trust: 0.8

sources: CNVD: CNVD-2012-7900 // BID: 56530 // JVNDB: JVNDB-2012-006494 // NVD: CVE-2012-5521

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-5521
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-5521
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2012-7900
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201211-301
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2012-5521
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2012-7900
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2012-5521
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2012-5521
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2012-7900 // JVNDB: JVNDB-2012-006494 // CNNVD: CNNVD-201211-301 // NVD: CVE-2012-5521

PROBLEMTYPE DATA

problemtype:CWE-617

Trust: 1.8

sources: JVNDB: JVNDB-2012-006494 // NVD: CVE-2012-5521

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201211-301

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201211-301

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-006494

PATCH
title:CVE-2012-5521url:https://security-tracker.debian.org/tracker/CVE-2012-5521
Trust: 0.8
title:Top Pageurl:https://www.quagga.net/
Trust: 0.8
title:Bug 876197url:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5521
Trust: 0.8
title:CVE-2012-5521url:https://access.redhat.com/security/cve/cve-2012-5521
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2012-006494

EXTERNAL IDS
db:NVDid:CVE-2012-5521
Trust: 3.3
db:BIDid:56530
Trust: 2.5
db:OPENWALLid:OSS-SECURITY/2012/11/13/14
Trust: 1.6
db:JVNDBid:JVNDB-2012-006494
Trust: 0.8
db:CNVDid:CNVD-2012-7900
Trust: 0.6
db:CNNVDid:CNNVD-201211-301
Trust: 0.6
db:OPENWALLid:OSS-SECURITY/2012/11/13/7
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2012-7900 // 
            
            
            
            BID: 56530 // 
            
            
            
            JVNDB: JVNDB-2012-006494 // 
            
            
            
            CNNVD: CNNVD-201211-301 // 
            
            
            
            NVD: CVE-2012-5521

REFERENCES
url:http://www.securityfocus.com/bid/56530
Trust: 2.2
url:http://www.openwall.com/lists/oss-security/2012/11/13/14
Trust: 1.6
url:https://access.redhat.com/security/cve/cve-2012-5521
Trust: 1.6
url:https://security-tracker.debian.org/tracker/cve-2012-5521
Trust: 1.6
url:https://bugzilla.redhat.com/show_bug.cgi?id=cve-2012-5521
Trust: 1.6
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/80096
Trust: 1.6
url:https://bugzilla.suse.com/show_bug.cgi?id=cve-2012-5521
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2012-5521
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5521
Trust: 0.8
url:https://bugzilla.quagga.net/show_bug.cgi?id=747
Trust: 0.3
url:https://bugzilla.redhat.com/show_bug.cgi?id=876197
Trust: 0.3
url:http://www.openwall.com/lists/oss-security/2012/11/13/7
Trust: 0.3
url:http://www.quagga.net/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2012-7900 // 
            
            
            
            BID: 56530 // 
            
            
            
            JVNDB: JVNDB-2012-006494 // 
            
            
            
            CNNVD: CNNVD-201211-301 // 
            
            
            
            NVD: CVE-2012-5521

CREDITS
Marco d'Itri
Trust: 0.9
sources:
            
            
            BID: 56530 // 
            
            
            
            CNNVD: CNNVD-201211-301

SOURCES
db:CNVDid:CNVD-2012-7900
db:BIDid:56530
db:JVNDBid:JVNDB-2012-006494
db:CNNVDid:CNNVD-201211-301
db:NVDid:CVE-2012-5521

LAST UPDATE DATE
2024-08-14T15:02:05.564000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2012-7900date:2012-11-16T00:00:00
db:BIDid:56530date:2012-11-13T00:00:00
db:JVNDBid:JVNDB-2012-006494date:2019-12-12T00:00:00
db:CNNVDid:CNNVD-201211-301date:2019-12-26T00:00:00
db:NVDid:CVE-2012-5521date:2020-08-18T15:05:57.593

SOURCES RELEASE DATE
db:CNVDid:CNVD-2012-7900date:2012-11-16T00:00:00
db:BIDid:56530date:2012-11-13T00:00:00
db:JVNDBid:JVNDB-2012-006494date:2019-12-12T00:00:00
db:CNNVDid:CNNVD-201211-301date:2012-11-16T00:00:00
db:NVDid:CVE-2012-5521date:2019-11-25T14:15:11.147