Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Quagga缓冲区溢出漏洞
Vulnerability Description
Quagga是美国软件开发者Kunihiro Ishiguro所研发的一款路由软件套件。该套件可在多种平台上实现OSPFv2、OSPFv3、RIP v1/v2等协议,并提供路由重分布、路由映射等功能。 Quagga 0.99.20.1之前版本中bgpd的BGP实现中存在漏洞,该漏洞源于对OPEN信息未正确使用信息缓冲区。远程攻击者可利用该漏洞借助与畸形Four-octet AS Number Capability(也称AS4性能)相关的信息,导致拒绝服务(断言失败和守护进程退出)。
CVSS Information
N/A
Vulnerability Type
N/A