Lucene search

PRIOn knowledge basePRION:CVE-2013-2236

HistoryOct 24, 2013 - 3:48 a.m.

Stack overflow

2013-10-2403:48:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.053 Low

EPSS

Percentile

92.8%

JSON

Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.

CPENameOperatorVersion
quaggale0.99.22.1
quaggaeq0.99.22

CPE	Name	Operator	Version
	quagga	le	0.99.22.1
	quagga	eq	0.99.22

References

git.savannah.gnu.org/gitweb/?p=quagga.git%3Ba=commitdiff%3Bh=3f872fe60463a931c5c766dbf8c36870c0023e88

lists.quagga.net/pipermail/quagga-dev/2013-July/010622.html

rhn.redhat.com/errata/RHSA-2017-0794.html

seclists.org/oss-sec/2013/q3/24

www.debian.org/security/2013/dsa-2803

www.securityfocus.com/bid/60955

www.ubuntu.com/usn/USN-2941-1

nongnu.mirrors.hostinginnederland.nl//quagga/quagga-0.99.22.3.changelog.txt

7.5 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.053 Low

EPSS

Percentile

92.8%

JSON

Related for PRION:CVE-2013-2236