quagga: Security Advisory - quagga - CVE-2013-2236 (71bb2dc7) · Commits · poplar / meta-openembedded

Commit 71bb2dc7 authored Jul 28, 2014 by

Yue Tao Committed by Joe MacDonald Aug 05, 2014

quagga: Security Advisory - quagga - CVE-2013-2236

Stack-based buffer overflow in the new_msg_lsa_change_notify function in
the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when
--enable-opaque-lsa and the -a command line option are used, allows
remote attackers to cause a denial of service (crash) via a large LSA.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2236



Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>

parent 18bea207

Hide whitespace changes

Inline Side-by-side

Please register or to comment

Admin message

quagga: Security Advisory - quagga - CVE-2013-2236