115 matches found
CVE-2023-1458
A vulnerability has been found in Ubiquiti EdgeRouter X 2.0.9-hotfix.6 and classified as critical. Affected by this vulnerability is an unknown functionality of the component OSPF Handler. The manipulation of the argument area leads to command injection. The attack can be launched remotely. The...
The vulnerability of the OSPFv2 network protocol implementation in the Cisco IOS XE operating system allows a attacker to cause a service failure.
The vulnerability of the OSPFv2 network protocol implementation in Cisco IOS XE operating systems is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
USN-6794-1 frr vulnerabilities
It was discovered that FRR incorrectly handled certain malformed BGP and OSPF packets. A remote attacker could use this issue to cause FRR to crash, resulting in a denial of service, or possibly execute arbitrary code...
SUSE CVE-2024-34088
In FRRouting FRR through 9.1, it is possible for the getedge function in ospfte.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service...
DEBIAN-CVE-2024-34088
In FRRouting FRR through 9.1, it is possible for the getedge function in ospfte.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service...
UBUNTU-CVE-2024-31950
In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...
PT-2024-6035 · Frrouting +5 · Frrouting +5
Name of the Vulnerable Software and Affected Versions: FRRouting versions through 9.1 Description: The issue is related to the get edge function in the ospf te.c file of the OSPF daemon component in FRRouting, which can return a NULL pointer. If calling functions do not handle this NULL value, th...
USN-6679-1 frr vulnerability
It was discovered that FRR incorrectly handled certain malformed OSPF LSA packets. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service...
DEBIAN-CVE-2024-27913
ospfteparsete in ospfd/ospfte.c in FRRouting FRR through 9.1 allows remote attackers to cause a denial of service ospfd daemon crash via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field...
PT-2024-22130 · Frrouting +4 · Frrouting +4
Name of the Vulnerable Software and Affected Versions: FRRouting FRR versions through 9.1 Description: The issue allows remote attackers to cause a denial of service, resulting in the ospfd daemon crash, via a malformed OSPF LSA packet. This occurs because of an attempted access to a missing...
PT-2023-7474 · Ubiquiti · Ubiquiti Edgerouter X
Name of the Vulnerable Software and Affected Versions: Ubiquiti EdgeRouter X version 2.0.9-hotfix.6 Description: A critical issue has been found in the OSPF Handler component of the software, potentially allowing for command injection through the manipulation of the argument area. This can be...
SUSE CVE-2018-14880
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6printlshdr...
CVE-2023-22406
A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service DoS. In a segment-routing scenario with OSPF as IGP, when a peer interface continuously flap...
CVE-2022-22230
An Improper Input Validation vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause DoS Denial of Service. If another router generates more than one specific valid OSPFv3 LSA then rpd will crash while...
CVE-2022-20823
A vulnerability in the OSPF version 3 OSPFv3 feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could...
Cisco NX-OS Software 缓冲区错误漏洞
Cisco NX-OS Software is a suite of data center-grade operating system software for switches from Cisco. A security vulnerability exists in Cisco NX-OS Software OSPFv3, which stems from incomplete validation of inputs to specific OSPFv3 messages allowing an unauthenticated, remote attacker to...
The vulnerability of the OSPF network protocol implementation in the microcomputer-based switching devices SCALANCE of the XM-400 and XR-500 series allows a intruder to trigger a service failure.
The vulnerability of the OSPF network protocol implementation in the microcomputer-based switching devices SCALANCE models XM-400 and XR-500 is related to the lack of integrity checks. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
CVE-2022-22169
An Improper Initialization vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart GR helper mode even though...
CVE-2022-22169
An Improper Initialization vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart GR helper mode even though...
The vulnerability of the implementation of the OSPFv2 protocol in microprogrammed network interface devices from Cisco Adaptive Security Appliances and Cisco Firepower Threat Defense allows a attacker to induce a service failure.
The vulnerability of the OSPFv2 protocol implementation in Cisco Adaptive Security Appliances and Cisco Firepower Threat Defense software involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...