First published: Thu Oct 24 2013(Updated: )
Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Quagga Quagga | <=0.99.22.1 | |
Quagga Quagga | =0.99.22 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.