Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAFI, causing a denial of service.
CVSS Information
N/A
Vulnerability Type
语法无效结构处理不恰当
Vulnerability Title
Quagga BGP daemon 安全漏洞
Vulnerability Description
Quagga BGP daemon(bgpd)是一系列守护进程(daemon)的集合,由核心守护进程zebra进行管理,主要用于实现与运行相同路由协议的对等节点之间进行路由信息交换。bgpd是其中的一个实现BGP4+(包括对组播地址族和IPv6地址族的支持)的守护进程(daemon)。 Quagga bgpd 1.2.3之前版本中的‘bgp_packet.c:bgp_capability_msg_parse ’函数对BGP OPEN信息中的‘Capabilities’的分析存在安全漏洞。远程攻击者可利用该
CVSS Information
N/A
Vulnerability Type
N/A