From mboxrd@z Thu Jan 1 00:00:00 1970
Date: Wed, 3 May 2006 15:29:40 +0300
From: Michael Shigorin
To: sysadmins@lists.altlinux.org
Message-ID: <20060503122940.GG13926@osdn.org.ua>
Mail-Followup-To: sysadmins@lists.altlinux.org
Mime-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.4.2.1i
Subject: [Sysadmins] Fwd: [SA19910] Quagga RIPd RIPv1 Request Handling Security Issue
X-BeenThere: sysadmins@lists.altlinux.org
X-Mailman-Version: 2.1.7
Precedence: list
Reply-To: shigorin@gmail.com, ALT Linux sysadmin discuss
List-Id: ALT Linux sysadmin discuss
X-List-Received-Date: Wed, 03 May 2006 12:29:53 -0000

Hello.

Who was it that was praising Quagga? Fix it.

----- Forwarded message from Secunia Security Advisories -----

TITLE:
Quagga RIPd RIPv1 Request Handling Security Issue

SECUNIA ADVISORY ID:
SA19910

VERIFY ADVISORY:
http://secunia.com/advisories/19910/

CRITICAL:
Less critical

IMPACT:
Security Bypass, Exposure of system information

WHERE:
From local network

SOFTWARE:
Quagga 0.x
http://secunia.com/product/4731/

DESCRIPTION:
Konstantin V. Gavrilenko has reported two security issues in Quagga,
which can be exploited by malicious people to bypass certain security
restrictions and to disclose system information.

1) An error in RIPd causes RIPv1 RESPONSE packets to be accepted for
routing state update, even when RIPv2 authentication has been
enabled. This can potentially be exploited to inject a malicious route
into the RIP daemon.

2) An error in RIPd causes it to respond to RIPv1 SEND UPDATE
requests and to send out routing table information, even when RIPv2
authentication has been enabled. This can potentially be exploited to
obtain route information.

The security issues have been reported in 0.98.3 and 0.99.5. Other
versions may also be affected.

SOLUTION:
The security issues have been fixed in the CVS repositories.

PROVIDED AND/OR DISCOVERED BY:
Konstantin V. Gavrilenko

ORIGINAL ADVISORY:
http://bugzilla.quagga.net/show_bug.cgi?id=261
http://bugzilla.quagga.net/show_bug.cgi?id=262

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

----- End forwarded message -----

-- 
 ---- WBR, Michael Shigorin
  ------ Linux.Kiev http://www.linux.kiev.ua/
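
Both issues in the forwarded advisory come down to RIPv1 packets being processed on an interface where RIPv2 authentication is enabled. The C function below is an added example of the check that closes that gap, not part of the original message and not Quagga's code or its fix; `rip_gate`, the verdict names and the sample packets are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* RIP wire format (RFC 2453): 4-byte header, then 20-byte entries. */
#define RIP_HDR_LEN   4
#define RIP_ENTRY_LEN 20
#define RIP_REQUEST   1
#define RIP_RESPONSE  2
#define RIP_AFI_AUTH  0xFFFF /* address family of an authentication entry */

enum rip_verdict { RIP_ACCEPT, RIP_DROP_INVALID, RIP_DROP_V1, RIP_DROP_NO_AUTH };

/* Hypothetical gate, meant to run before a REQUEST is answered or a
 * RESPONSE touches the routing table. auth_required is the interface
 * setting. Only the presence of an authentication entry is checked;
 * verifying the password or digest is a later step, not shown. */
enum rip_verdict rip_gate(const uint8_t *pkt, size_t len, int auth_required)
{
    if (len < RIP_HDR_LEN || (len - RIP_HDR_LEN) % RIP_ENTRY_LEN != 0)
        return RIP_DROP_INVALID;
    uint8_t command = pkt[0], version = pkt[1];
    if ((command != RIP_REQUEST && command != RIP_RESPONSE) || version == 0)
        return RIP_DROP_INVALID;
    if (!auth_required)
        return RIP_ACCEPT;
    /* RIPv1 carries no authentication, so with authentication enabled it
     * is neither applied as an update nor answered with the route table. */
    if (version == 1)
        return RIP_DROP_V1;
    /* RIPv2: the authentication entry has to be the first entry. */
    if (len < RIP_HDR_LEN + RIP_ENTRY_LEN)
        return RIP_DROP_NO_AUTH;
    uint16_t afi = (uint16_t)((pkt[4] << 8) | pkt[5]);
    return afi == RIP_AFI_AUTH ? RIP_ACCEPT : RIP_DROP_NO_AUTH;
}

/* Constructed sample packets (not captured traffic). */
const uint8_t sample_v1_response[24] = { 2, 1, 0, 0,  0, 2, 0, 0,
    10, 0, 0, 0,  0, 0, 0, 0,  0, 0, 0, 0,  0, 0, 0, 1 };
const uint8_t sample_v1_request[24] = { 1, 1, 0, 0,  0, 0, 0, 0,
    0, 0, 0, 0,  0, 0, 0, 0,  0, 0, 0, 0,  0, 0, 0, 16 };
const uint8_t sample_v2_plain[24] = { 2, 2, 0, 0,  0, 2, 0, 0,
    10, 0, 0, 0,  255, 0, 0, 0,  0, 0, 0, 0,  0, 0, 0, 1 };
const uint8_t sample_v2_auth[24] = { 2, 2, 0, 0,  0xFF, 0xFF, 0, 2,
    's', 'e', 'c', 'r', 'e', 't', 0, 0,  0, 0, 0, 0,  0, 0, 0, 0 };
```

With `auth_required` set, the RIPv1 response (issue 1) and the RIPv1 whole-table request (issue 2) both return `RIP_DROP_V1`, while the same packets are accepted on an interface without authentication.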