EUVD-2006-5410

Malware in sbrugna...

XORP OSPF链路状态通告拒绝服务漏洞

XORP是一款开放源码的路由器平台。 XORP在处理LSA消息时存在漏洞，远程攻击者可能利用此漏洞对服务器执行拒绝服务攻击。 OSPF使用链路状态通告（LSA）传播链路状态信息，每个LSA中都包含一个长度字段和校验和。XORP在处理LSA时会验证校验和。在这个验证过程中，XORP使用长度字段计算负载。无效的长度字段会导致越界读取，造成OSPF守护程序崩溃。 XORP XORP 1.3 XORP XORP 1.2 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： wget...

CVE-2006-5425

XORP eXtensible Open Router Platform 1.2 and 1.3 allows remote attackers to cause a denial of service application crash via an Open Shortest Path First OSPF Link State Advertisement LSA with an invalid LSA length field...

CVE-2006-5425

XORP eXtensible Open Router Platform 1.2 and 1.3 allows remote attackers to cause a denial of service application crash via an Open Shortest Path First OSPF Link State Advertisement LSA with an invalid LSA length field...

CVE-2006-5425

XORP (eXtensible Open Router Platform) versions 1.2 and 1.3 are affected by a vulnerability in OSPF handling: processing an Open Shortest Path First LSA with an invalid length field can cause an application crash, leading to a denial of service. The issue is tied to the LSA length validation path...