Описание
Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.99.22.4-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [0.99.22.4-1]] |
| lucid | ignored | end of life |
| precise | released | 0.99.20.1-0ubuntu0.12.04.4 |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | ignored | end of life |
| trusty | not-affected | 0.99.22.4-1 |
| trusty/esm | DNE | trusty was not-affected [0.99.22.4-1] |
| upstream | released | 0.99.22.3 |
Показывать по
EPSS
2.6 Low
CVSS2
Связанные уязвимости
Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.
Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.
Stack-based buffer overflow in the new_msg_lsa_change_notify function ...
Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.
ELSA-2017-0794: quagga security and bug fix update (MODERATE)
EPSS
2.6 Low
CVSS2