The bgp_attr_unknown function in bgp_attr.c in Quagga 0.99.21 does not properly initialize the total variable, which allows remote malicious users to cause a denial of service (bgpd crash) via a crafted BGP update.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
quagga quagga 0.99.21 |