Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2007-1995

EPSS 2.16% · P84
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-1995

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Quagga BGPD UPDATE消息远程拒绝服务漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Quagga是美国软件开发者Kunihiro Ishiguro所研发的一款路由软件套件。该套件可在多种平台上实现OSPFv2、OSPFv3、RIP v1/v2等协议,并提供路由重分布、路由映射等功能。 Quagga处理畸形的请求消息时存在漏洞,远程攻击者可能利用此漏洞导致服务程序崩溃。 Quagga的bgpd没有验证从MP_REACH_NLRI和MP_UNREACH_NLRI属性检索到的长度信息,导致bgpd通过流API越界报文请求信息。如果启用了DEBUG ,也就是启用了assert(),就会在lib/
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2007-1995

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2007-1995

登录查看更多情报信息。

Same Patch Batch · n/a · 2007-04-12 · 49 CVEs total

CVE-2007-1980PHP-Fusion Topliste模块'Index.PHP' SQL注入漏洞
CVE-2007-1983CyBoards PHP Lite 'Default_Header.PHP' 远程文件包含漏洞
CVE-2007-1985phpexplorator 'phpexplorator.php'多个PHP远程文件包含漏洞
CVE-2007-1974XOOPS Module ZMagazine 'Print.PHP' SQL注入漏洞
CVE-2007-1975SLAED CMS 多个PHP远程文件包含漏洞
CVE-2007-1976Xoops Virii Info模块 'index.php'PHP远程文件包含漏洞
CVE-2007-1977HolaCMS 'Index_CMS.PHP' acuparam参数跨站脚本攻击漏洞
CVE-2007-1978PHP-Fusion Arcade模块'index.php'SQL注入漏洞
CVE-2007-1988PHPEcho CMS 'filters.inc.php'跨站脚本攻击漏洞
CVE-2007-1981Windows上的Metamod-P safevoid_vsnprintf函数拒绝服务攻击漏洞
CVE-2007-1982Really Simple PHP和Ajax 多个远程文件包含漏洞
CVE-2007-1979XOOPS PopnupBlog 模块 'Index.PHP' SQL注入漏洞
CVE-2007-1996CodeBreak 'Codebreak.PHP' 远程文件包含漏洞
CVE-2007-1994HP-UX ARPA Transport功能未明拒绝服务漏洞
CVE-2007-1993HP-UX可移植文件系统远程缓冲区溢出漏洞
CVE-2007-1992Mambo Com-Zoom 模块多个PHP远程文件包含漏洞
CVE-2007-1991Youngzsoft CMailServer WebMail 'signup.asp' 跨站脚本攻击漏洞
CVE-2007-1990Sam Crew MyBlog 'games.php'PHP远程文件包含漏洞
CVE-2007-1989DotClear 多个跨站脚本攻击漏洞
CVE-2007-2021Pineapple Technologies Lore 多个PHP远程文件包含漏洞

Showing top 20 of 49 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2007-1995

No comments yet

Leave a comment