Описание
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.
A denial of service flaw was found in the Quagga BGP routing daemon (bgpd). Under certain circumstances, a remote attacker could send a crafted packet to crash the bgpd daemon resulting in denial of service.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | quagga | Will not fix | ||
| Red Hat Enterprise Linux 7 | quagga | Will not fix | ||
| Red Hat Enterprise Linux 6 | quagga | Fixed | RHSA-2017:0794 | 21.03.2017 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.9 Medium
CVSS3
2.6 Low
CVSS2
Связанные уязвимости
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does no ...
EPSS
5.9 Medium
CVSS3
2.6 Low
CVSS2