{"id":"DSA-415","summary":"zebra - denial of service","details":"\nTwo vulnerabilities were discovered in zebra, an IP routing daemon:\n\n\n* [CAN-2003-0795](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795) - a bug in the telnet CLI could allow a remote attacker\nto cause a zebra process to crash, resulting in a denial of service.\n* [CAN-2003-0858](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0858) - netlink messages sent by other users (rather than the\nkernel) would be accepted, leading to a denial of service.\n\n\nFor the current stable distribution (woody) this problem has been\nfixed in version 0.92a-5woody2.\n\n\nThe zebra package has been obsoleted in the unstable distribution by\nGNU Quagga, where this problem was fixed in version 0.96.4x-4.\n\n\nWe recommend that you update your zebra package.\n\n\n","modified":"2022-07-04T02:00:53.648181Z","published":"2004-01-06T00:00:00Z","withdrawn":"2024-05-15T05:36:14.125533Z","schema_version":"1.7.3"}