The OSPF implementation in IBM i 6.1 and 7.1, in z/OS on zSeries servers, and in Networking Operating System (aka NOS, formerly BLADE Operating System) does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote malicious users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm i 7.1 |
||
ibm z\\/os |
||
ibm i 6.1 |