Ubuntu update for Quagga



Published: 2017-10-31
Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2017-16227
CVE-2017-5495
CWE-ID CWE-20
CWE-119
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Ubuntu
Operating systems & Components / Operating system

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Denial of service

EUVDB-ID: #VU10654

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-16227

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the Quagga BGP daemon due to AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message. A remote attacker can іsupply specially crafted BGP UPDATE messages and cause session drop.

Mitigation

Update the affected packages

Ubuntu 17.10:
quagga 1.1.1-3ubuntu0.1
quagga-bgpd 1.1.1-3ubuntu0.1
Ubuntu 17.04:
quagga 1.1.1-1ubuntu0.1
quagga-bgpd 1.1.1-1ubuntu0.1
Ubuntu 16.04 LTS:
quagga 0.99.24.1-2ubuntu1.3
Ubuntu 14.04 LTS:
quagga 0.99.22.4-3ubuntu1.4

Vulnerable software versions

Ubuntu: 14.04 - 17.10

External links

http://www.ubuntu.com/usn/usn-3471-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory corruption

EUVDB-ID: #VU10615

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5495

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to unbounded memory allocation in the telnet 'vty' CLI. A remote attacker able to connect to the TCP ports can  send very long strings without a newline, cause the Quagga daemon to allocate unbounded memory and system crash.

Mitigation

Update the affected packages

Ubuntu 17.10:
quagga 1.1.1-3ubuntu0.1
quagga-bgpd 1.1.1-3ubuntu0.1
Ubuntu 17.04:
quagga 1.1.1-1ubuntu0.1
quagga-bgpd 1.1.1-1ubuntu0.1
Ubuntu 16.04 LTS:
quagga 0.99.24.1-2ubuntu1.3
Ubuntu 14.04 LTS:
quagga 0.99.22.4-3ubuntu1.4

Vulnerable software versions

Ubuntu: 14.04 - 17.10

External links

http://www.ubuntu.com/usn/usn-3471-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###