45 matches found
CVE-2012-1820
The bgpcapabilityorf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service assertion failure and daemon exit by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering ORF capability TLV in an OPEN message...
quagga -- BGP OPEN denial of service vulnerability
CERT reports: If a pre-configured BGP peer sends a specially-crafted OPEN message with a malformed ORF capability TLV, Quagga bgpd process will erroneously try to consume extra bytes from the input packet buffer. The process will detect a buffer overrun attempt before it happens and immediately...
(bgpd): Stack buffer overflow by processing certain Route-Refresh messages
Stack-based buffer overflow in the bgprouterefreshreceive function in bgppacket.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service daemon crash or possibly execute arbitrary code via a malformed Outbound Route Filtering ORF record in a BGP...
CVE-2010-2948
Stack-based buffer overflow in the bgprouterefreshreceive function in bgppacket.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service daemon crash or possibly execute arbitrary code via a malformed Outbound Route Filtering ORF record in a BGP...
CVE-2010-2948
Affected software: Quagga bgpd (bgp_route_refresh_receive in bgp_packet.c) prior to version 0.99.17. Vulnerability type: stack-based buffer overflow when processing a malformed Outbound Route Filtering (ORF) in a BGP ROUTE-REFRESH message. Impact (as stated): remote authenticated users can cause ...