2.9 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:M/Au:N/C:N/I:N/A:P
0.011 Low
EPSS
Percentile
84.4%
CERT reports:
If a pre-configured BGP peer sends a specially-crafted OPEN
message with a malformed ORF capability TLV, Quagga bgpd process
will erroneously try to consume extra bytes from the input packet
buffer. The process will detect a buffer overrun attempt before
it happens and immediately terminate with an error message. All
BGP sessions established by the attacked router will be closed
and its BGP routing disrupted.