admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 17:51:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2016/CVE-2016-12xx/CVE-2016-1245.json

161 lines
4.5 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2016-1245",
"sourceIdentifier": "security@debian.org",
"published": "2017-02-22T23:59:00.143",
"lastModified": "2018-01-05T02:30:33.727",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que el demonio zebra en Quagga en versiones anteriores a 1.0.20161017 sufri\u00f3 un desbordamiento de b\u00fafer basado en pila al procesar mensajes de Neighbor Discovery de IPv6. La causa ra\u00edz radicaba en BUFSIZ para ser compatible con un tama\u00f1o de mensaje; sin embargo, BUFSIZ depende del sistema."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.20160315",
"matchCriteriaId": "B646D43D-A1C2-441B-90CE-2929F7BB072A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
}
]
}
]
}
],
"references": [
{
"url": "http://rhn.redhat.com/errata/RHSA-2017-0794.html",
"source": "security@debian.org"
},
{
"url": "http://www.gossamer-threads.com/lists/quagga/users/31952",
"source": "security@debian.org",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/93775",
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1386109",
"source": "security@debian.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://github.com/Quagga/quagga/commit/cfb1fae25f8c092e0d17073eaf7bd428ce1cd546",
"source": "security@debian.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/201701-48",
"source": "security@debian.org"
},
{
"url": "https://www.debian.org/security/2016/dsa-3695",
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue Copy Permalink