SUNNYVALE, Calif. -- Mu Security, a pioneer in the new security analyzer market, has discovered and helped remediate a new 0-day Quagga bgpd Remote Denial of Service Vulnerability -- http://labs.musecurity.com/advisories.html
Affected Products/Versions: Quagga 0.99.8
Product Overview: Quagga is a routing software suite. Quagga bgpd implements the Border Gateway Protocol (BGP), the core routing protocol of the Internet. Very large private IP networks also often make use of BGP. http://www.quagga.net/
Vulnerability Details: There are two 0-day vulnerabilities; both require the attacker to be a configured peer. A BGP OPEN message from a configured peer with an invalid message length and a valid optional parameters length (or vice versa) can cause an assertion failure in the stream library. An empty or malformed COMMUNITIES attribute in an UPDATE from a configured peer can cause a NULL pointer dereference when the attribute is printed, which happens only if "debug bgp updates" is enabled.
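Both issues come down to the same two defensive checks: the two length fields in an OPEN message must agree with each other and with the bytes actually received before any parser trusts them, and the debug print path must tolerate an attribute that is empty or not a whole number of communities. The C program below is an added example written for this advisory, not Quagga's own code; the message layout follows RFC 4271 (19-byte header, 10 fixed OPEN bytes, then optional parameters) and RFC 1997 (4-byte communities), and every buffer, AS number and address in it is constructed sample data, not a capture.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example (not Quagga code): length-consistency checks for a BGP OPEN
 * message and NULL/empty-safe rendering of a COMMUNITIES attribute. */

#define BGP_HEADER_SIZE     19   /* 16-byte marker + 2-byte length + 1-byte type */
#define BGP_MSG_OPEN        1
#define BGP_OPEN_FIXED_SIZE 10   /* version, my AS, hold time, identifier, opt-parm length */
#define BGP_MAX_MSG_SIZE    4096

enum bgp_check {
    BGP_OK = 0,
    BGP_ERR_SHORT  = 1,   /* fewer bytes received than a minimal OPEN */
    BGP_ERR_LENGTH = 2,   /* header length out of range or not matching the bytes received */
    BGP_ERR_TYPE   = 3,   /* not an OPEN message */
    BGP_ERR_OPTLEN = 4    /* optional-parameters length disagrees with message length */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Validate an OPEN message exactly as received (buf, buflen). The header length
 * and the optional-parameters length must satisfy length == 19 + 10 + optlen;
 * either field being wrong (the "or vice versa" case) is rejected up front. */
enum bgp_check bgp_open_check(const uint8_t *buf, size_t buflen)
{
    if (buflen < BGP_HEADER_SIZE + BGP_OPEN_FIXED_SIZE) return BGP_ERR_SHORT;
    uint16_t len = rd16(buf + 16);
    if (len < BGP_HEADER_SIZE + BGP_OPEN_FIXED_SIZE || len > BGP_MAX_MSG_SIZE ||
        (size_t)len != buflen)
        return BGP_ERR_LENGTH;
    if (buf[18] != BGP_MSG_OPEN) return BGP_ERR_TYPE;
    uint8_t optlen = buf[BGP_HEADER_SIZE + 9];
    if ((size_t)BGP_HEADER_SIZE + BGP_OPEN_FIXED_SIZE + optlen != buflen) return BGP_ERR_OPTLEN;
    return BGP_OK;
}

/* Build a constructed OPEN message (sample data) whose header claims declared_len
 * bytes and whose opt-parm-length field says optlen, deliver actual_len bytes of
 * it, and run the check. Lets each mismatch case be exercised independently. */
enum bgp_check check_constructed_open(uint16_t declared_len, uint8_t optlen, size_t actual_len)
{
    uint8_t buf[BGP_MAX_MSG_SIZE];
    if (actual_len > sizeof buf) return BGP_ERR_LENGTH;
    memset(buf, 0, sizeof buf);
    memset(buf, 0xff, 16);                                  /* marker */
    buf[16] = (uint8_t)(declared_len >> 8); buf[17] = (uint8_t)(declared_len & 0xff);
    buf[18] = BGP_MSG_OPEN;
    buf[19] = 4;                                            /* BGP version 4 */
    buf[20] = 0xfd; buf[21] = 0xe8;                         /* my AS 65000 (private, constructed) */
    buf[22] = 0;    buf[23] = 90;                           /* hold time 90 s */
    buf[24] = 192;  buf[25] = 0; buf[26] = 2; buf[27] = 1;  /* identifier 192.0.2.1 (doc range) */
    buf[28] = optlen;                                       /* optional parameters length */
    return bgp_open_check(buf, actual_len);
}

/* Render a COMMUNITIES attribute value (attr_len bytes at val) for a debug log.
 * An absent or empty attribute prints "(empty)" and a length that is not a
 * multiple of 4 prints "(malformed)", so the print path never dereferences a
 * NULL or half-built community list. Returns chars written, or -1 on truncation. */
int bgp_communities_str(const uint8_t *val, size_t attr_len, char *out, size_t outsz)
{
    if (outsz == 0) return -1;
    if (val == NULL || attr_len == 0) return snprintf(out, outsz, "(empty)");
    if (attr_len % 4 != 0) return snprintf(out, outsz, "(malformed)");
    size_t pos = 0;
    for (size_t i = 0; i < attr_len; i += 4) {
        unsigned as = rd16(val + i), num = rd16(val + i + 2);
        int n = snprintf(out + pos, outsz - pos, "%s%u:%u", i ? " " : "", as, num);
        if (n < 0 || (size_t)n >= outsz - pos) return -1;
        pos += (size_t)n;
    }
    return (int)pos;
}

/* Constructed sample: 65000:100 followed by NO_EXPORT (0xFFFFFF01). */
const uint8_t sample_communities[8] = { 0xfd, 0xe8, 0x00, 0x64, 0xff, 0xff, 0xff, 0x01 };

/* Convenience wrapper with a static buffer for quick inspection. */
const char *communities_demo(const uint8_t *val, size_t attr_len)
{
    static char out[256];
    bgp_communities_str(val, attr_len, out, sizeof out);
    return out;
}

int main(void)
{
    printf("consistent OPEN: %d\n", check_constructed_open(29, 0, 29));   /* 0 = BGP_OK */
    printf("optlen mismatch: %d\n", check_constructed_open(33, 0, 33));   /* 4 = BGP_ERR_OPTLEN */
    printf("communities: %s\n", communities_demo(sample_communities, 8));
    printf("empty: %s\n", communities_demo(NULL, 0));
    return 0;
}
```

The design point is that the receiving side cross-checks every length against what actually arrived rather than against another attacker-supplied field, and that the debug formatter accepts the empty and malformed cases as ordinary inputs instead of relying on the caller to have filtered them.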
Vendor Response / Solution: Update to 0.99.9, available from http://www.quagga.net/
History:
- August 29, 2007: Mu Labs first contacted vendor
- August 30, 2007: Vendor acknowledges vulnerability
- August 31, 2007: Second issue reported
- September 1, 2007: Vendor acknowledges second vulnerability
- September 7, 2007: Vendor releases 0.99.9
- September 12, 2007: Advisory released