Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga prior to 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote malicious users to cause a denial of service (crash) via a large LSA.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
quagga quagga |
||
quagga quagga 0.99.22 |