logo
DATABASE RESOURCES PRICING ABOUT US

Quagga < 0.99.17 BGPD Multiple Vulnerabilities

Description

According to its self-reported version number, the installation of Quagga's BGPD listening on the remote host is affected by multiple vulnerabilities : - A stack-based buffer overflow vulnerability can be triggered by a specially crafted BGP ROUTE-REFRESH message with a malformed Outbound Route Filtering record sent by a pre-configured peer. (CVE-2010-2948) - A denial of service vulnerability in BGPD can be triggered by a specially crafted UPDATE message with an unknown AS type in an AS path attribute. (CVE-2012-0250)


Related