CVE-2012-0250

Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.1:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.2:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.3:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.4:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.5:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.6:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.7:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.8:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.9:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.10:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.11:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.12:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.13:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.14:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.15:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.16:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.17:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.18:*:*:*:*:*:*:*
cpe:2.3:a:quagga:quagga:0.99.19:*:*:*:*:*:*:*

History

21 Nov 2024, 01:34

Type Values Removed Values Added
References () http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html - () http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078794.html -
References () http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html - () http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078910.html -
References () http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html - () http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078926.html -
References () http://rhn.redhat.com/errata/RHSA-2012-1258.html - () http://rhn.redhat.com/errata/RHSA-2012-1258.html -
References () http://rhn.redhat.com/errata/RHSA-2012-1259.html - () http://rhn.redhat.com/errata/RHSA-2012-1259.html -
References () http://secunia.com/advisories/48949 - () http://secunia.com/advisories/48949 -
References () http://www.debian.org/security/2012/dsa-2459 - () http://www.debian.org/security/2012/dsa-2459 -
References () http://www.kb.cert.org/vuls/id/551715 - US Government Resource () http://www.kb.cert.org/vuls/id/551715 - US Government Resource

Information

Published : 2012-04-05 13:25

Updated : 2024-11-21 01:34


NVD link : CVE-2012-0250

Mitre link : CVE-2012-0250

CVE.ORG link : CVE-2012-0250


JSON object : View

Products Affected

quagga

  • quagga
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer