Several Border Gateway Protocol flaws were discovered in Quagga routing software. What were the flaws and how did...
they affect the software? Should enterprises be concerned about BGP security?
Border Gateway Protocol (BGP) flaws in Quagga routing software enabled attackers to gain remote code execution abilities, acquire sensitive information and cause denial-of-service (DoS) issues. The affected Unix platforms include Debian GNU/Linux, SUSE Linux and Ubuntu.
The vulnerabilities are listed below in descending order of CVSS scores earned.
The most critical vulnerability among the BGP flaws is CVE-2018-5379, which has a CVSS score of 9.0. The Quagga BGP daemon (BGPD) can double free memory when processing certain forms of update message, containing cluster-list or unknown attributes. A successful exploitation of this flaw enables attackers to execute remote code and caused DoS issues.
Next is CVE-2018-5381 with a score of 7.5. This vulnerability leads the BGPD process into an endless loop, which eventually stops responding due to DoS issues. This flaw's ratings on integrity and confidentiality of the data are not provided.
Then, CVE-2018-5378 has a score of 5.9. With this vulnerability, the BGPD process doesn't properly restrict operations within the bounds of a memory buffer. An arbitrary length with an invalid attribute length is sent over the network to a peer or causes the BGPD process to crash. The rating of this risk is low in terms of confidentiality.
Last is CVE-2018-5380 with a score of 4.3. This flaw enables an out of bounds read bug in the BGPD process to overrun internal BGP code-to-string conversion tables by the value of one point. Unlike the other three vulnerabilities, the impact of this flaw on availability is low, while its ratings for integrity and confidentiality are not provided.
Enterprises should be concerned about BGP flaws on the affected Unix platforms running the Quagga BGP daemon prior to version 1.2.3, as an authenticated attacker can gain full control of the affected BGPD process, maliciously modify the routes and take over the routing service to transfer data between autonomous systems.
Ask the expert:
Want to ask Judith Myerson a question about security? Submit your question now via email. (All questions are anonymous.)
Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments
Related Q&A from Judith Myerson
A previously disclosed flaw found in Broadcom's Wi-Fi controller chips is now believed to affect the Lenovo ThinkPad. Learn how this vulnerability ... Continue Reading
ICS-CERT issued a warning about a new vulnerability in Nortek Linear eMerge E3 products. Discover what this vulnerability is and how it affects ... Continue Reading
Threat actors exploited a critical Cisco firewall vulnerability that received a CVSS score of 10. Discover how this flaw works and how it was ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.