CVE-2012-0255

N/A Unknown
Published: April 05, 2012 Modified: April 29, 2026
View on NVD

Description

The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability).

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html
Source: cret@cert.org
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html
Source: cret@cert.org
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html
Source: cret@cert.org
http://rhn.redhat.com/errata/RHSA-2012-1259.html
Source: cret@cert.org
http://secunia.com/advisories/48949
Source: cret@cert.org
http://www.debian.org/security/2012/dsa-2459
Source: cret@cert.org
http://www.kb.cert.org/vuls/id/551715
Source: cret@cert.org
US Government Resource
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2012-1259.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/48949
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2012/dsa-2459
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.kb.cert.org/vuls/id/551715
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource

14 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
3.5%
88th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

quagga

Related CVEs

CVE-2026-9677 N/A
CVE-2026-13245 6.1
CVE-2026-12404 5.3
CVE-2026-10820 N/A
CVE-2026-12415 9.8