CVE-2019-16159

{"id": "CVE-2019-16159", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-09-09T15:15:12.623", "references": [{"url": "http://bird.network.cz", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00063.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00065.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://trubka.network.cz/pipermail/bird-users/2019-September/013718.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://trubka.network.cz/pipermail/bird-users/2019-September/013720.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://trubka.network.cz/pipermail/bird-users/2019-September/013722.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://gitlab.labs.nic.cz/labs/bird/commit/1657c41c96b3c07d9265b07dd4912033ead4124b", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://gitlab.labs.nic.cz/labs/bird/commit/8388f5a7e14108a1458fea35bfbb5a453e2c563c", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4F23NNAPXX65MGJQBPPTVGRV3T4XCKBV/", "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVNQJBZYGGNAJNGOFEBE3IAJME2QIZB/", "source": "cve@mitre.org"}, {"url": "https://seclists.org/bugtraq/2019/Sep/34", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2019/dsa-4528", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdown communication with a sufficient message length causes a four-byte overflow to occur while processing the message, where two of the overflow bytes are attacker-controlled and two are fixed."}, {"lang": "es", "value": "BIRD Internet Routing Daemon versiones 1.6.x hasta 1.6.7 y versiones 2.x hasta 2.0.5, presenta un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. El soporte del demonio BGP para los mensajes de comunicaci\u00f3n de apagado administrativo RFC 8203 inclu\u00eda una expresi\u00f3n l\u00f3gica incorrecta cuando se comprueba la validez de un mensaje de entrada. El env\u00edo de una comunicaci\u00f3n de apagado con una longitud de mensaje suficiente causa un desbordamiento de cuatro bytes mientras es procesado el mensaje, donde dos de los bytes del desbordamiento est\u00e1n controlados por el atacante y dos son fijados."}], "lastModified": "2023-11-07T03:05:38.250", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nic:bird:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5781A401-F896-4CD0-9936-A4284E38E869", "versionEndIncluding": "1.6.7", "versionStartIncluding": "1.6.0"}, {"criteria": "cpe:2.3:a:nic:bird:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44C0676B-60A8-4692-958B-A1CE1A544C8E", "versionEndIncluding": "2.0.5", "versionStartIncluding": "2.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}