Mu Security discovers zero-day Quagga bgpd Remote Denial of Service Vulnerability

Dark Reading Staff, Dark Reading

September 14, 2007

SUNNYVALE, Calif. -- Mu Security, a pioneer in the new security analyzer market, has discovered and helped remediate a new 0-day Quagga bgpd Remote Denial of Service Vulnerability -- http://labs.musecurity.com/advisories.html

Affected Products/Versions: Quagga 0.99.8

Product Overview: Quagga is a routing software suite. Quagga bgpd implements the Border Gateway Protocol (BGP), the core routing protocol of the Internet. Very large private IP networks also often make use of BGP. http://www.quagga.net/

Vulnerability Details: There are two 0-day vulnerabilities. In both, the attacker must be a configured peer. First, a BGP OPEN message with an invalid message length and a valid option parameters length (or vice versa) from a configured peer can cause an assertion failure in the stream library. Second, an empty or malformed COMMUNITIES attribute in an UPDATE from a configured peer can cause a NULL pointer dereference when the attribute is printed, if "debug bgp updates" is enabled.

Vendor Response / Solution: Update to 0.99.9, available from http://www.quagga.net/

History:

  • August 29, 2007—Mu Labs first contacted vendor
  • August 30, 2007—Vendor acknowledges vulnerability
  • August 31, 2007—Second issue reported
  • September 1, 2007—Vendor acknowledges second vulnerability
  • September 7, 2007—Vendor releases 0.99.9
  • September 12, 2007—Advisory released

Mu Security Inc.
