CVE-2006-2276 | Vulnerability Database | Aqua Security

bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface.

Affected Software

Name	Vendor	Start Version	End Version
Quagga	Quagga	0.98.5 (including)	0.98.5 (including)
Quagga	Quagga	0.99.3 (including)	0.99.3 (including)
Red Hat Enterprise Linux 3	RedHat	quagga-0:0.96.2-11.3E	*
Red Hat Enterprise Linux 4	RedHat	quagga-0:0.98.3-2.4E	*
Red Hat Enterprise Linux AS (Advanced Server) version 2.1	RedHat		*
Red Hat Linux Advanced Workstation 2.1	RedHat		*
Quagga	Ubuntu	dapper	*
Quagga	Ubuntu	devel	*
Quagga	Ubuntu	edgy	*
Quagga	Ubuntu	feisty	*

References

ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
http://lists.quagga.net/pipermail/quagga-dev/2006-March/004052.html
http://secunia.com/advisories/20116
http://secunia.com/advisories/20137
http://secunia.com/advisories/20138
http://secunia.com/advisories/20221
http://secunia.com/advisories/20420
http://secunia.com/advisories/20421
http://secunia.com/advisories/20782
http://securitytracker.com/id?1016204
http://www.debian.org/security/2006/dsa-1059
http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml
http://www.osvdb.org/25245
http://www.quagga.net/news2.php?y=2006\u0026m=5\u0026d=4#id1146764580
http://www.redhat.com/support/errata/RHSA-2006-0525.html
http://www.redhat.com/support/errata/RHSA-2006-0533.html
http://www.securityfocus.com/bid/17979
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10651
https://usn.ubuntu.com/284-1/
ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
http://lists.quagga.net/pipermail/quagga-dev/2006-March/004052.html
http://secunia.com/advisories/20116
http://secunia.com/advisories/20137
http://secunia.com/advisories/20138
http://secunia.com/advisories/20221
http://secunia.com/advisories/20420
http://secunia.com/advisories/20421
http://secunia.com/advisories/20782
http://securitytracker.com/id?1016204
http://www.debian.org/security/2006/dsa-1059
http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml
http://www.osvdb.org/25245
http://www.quagga.net/news2.php?y=2006\u0026m=5\u0026d=4#id1146764580
http://www.redhat.com/support/errata/RHSA-2006-0525.html
http://www.redhat.com/support/errata/RHSA-2006-0533.html
http://www.securityfocus.com/bid/17979
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10651
https://usn.ubuntu.com/284-1/

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-2276
CWE	https://cwe.mitre.org/data/definitions/399.html