← CVECheck
HomeVulnerabilities

CVE-2003-0795 — MEDIUM severity vulnerability (The vty layer in Quagga before 0.96.4, and Zebra 0.93b and e)

The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.

CVE IDCVE-2003-0795
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:N/I:N/A:P
CWECWE-20
StatusModified
Published2003-12-15
Last modified2026-04-16
DescriptionThe vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →