CVE-2007-4826

N/A Unknown

Published: September 12, 2007 Modified: April 23, 2026

Description

bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://fedoranews.org/updates/FEDORA-2007-219.shtml

Source: secalert@redhat.com

http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00153.html

Source: secalert@redhat.com

http://quagga.net/news2.php?y=2007&m=9&d=7#id1189190760

Source: secalert@redhat.com

Patch

http://secunia.com/advisories/26744

Source: secalert@redhat.com

Patch Vendor Advisory

http://secunia.com/advisories/26829

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/26863

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/27049

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/29743

Source: secalert@redhat.com

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-236141-1

Source: secalert@redhat.com

http://www.debian.org/security/2007/dsa-1382

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDKSA-2007:182

Source: secalert@redhat.com

http://www.quagga.net/download/quagga-0.99.9.changelog.txt

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2010-0785.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/25634

Source: secalert@redhat.com

Patch

http://www.trustix.org/errata/2007/0028/

Source: secalert@redhat.com

http://www.ubuntu.com/usn/usn-512-1

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2007/3129

Source: secalert@redhat.com

Vendor Advisory

http://www.vupen.com/english/advisories/2008/1195/references

Source: secalert@redhat.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/36551

Source: secalert@redhat.com

http://fedoranews.org/updates/FEDORA-2007-219.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00153.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://quagga.net/news2.php?y=2007&m=9&d=7#id1189190760

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://secunia.com/advisories/26744

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://secunia.com/advisories/26829

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/26863

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/27049

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/29743

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-236141-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2007/dsa-1382

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2007:182

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.quagga.net/download/quagga-0.99.9.changelog.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2010-0785.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/25634

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.trustix.org/errata/2007/0028/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/usn-512-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/3129

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2008/1195/references

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/36551

Source: af854a3a-2127-422b-91ae-364da2661108

38 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

1.7%

74th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

quagga