Computer Security
[EN] securityvulns.ru no-pyccku


Quagga bgpd BGP service DoS
updated since 16.04.2007
Published:16.04.2007
Source:
SecurityVulns ID:7590
Type:remote
Threat Level:
5/10
Description:Denial of service on BGP UPDATE messages processing.
Affected:QUAGGA : Quagga 0.98
 QUAGGA : quagga 0.99
CVE:CVE-2007-1995 (bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod