CVE-2013-2236

Severity CVSS v4.0:
Pending analysis
Type:
CWE-119 Buffer Errors
Publication date:
24/10/2013
Last modified:
11/04/2025

Description

Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:* 0.99.22.1 (including)
cpe:2.3:a:quagga:quagga:0.99.22:*:*:*:*:*:*:*