Lucene search

[email protected]CVE-2012-0249

HistoryApr 05, 2012 - 1:25 p.m.

CVE-2012-0249

2012-04-0513:25:30

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-0249

buffer overflow

ospfv2

ospf

quagga

denial of service

remote attack

nvd

3.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.8%

JSON

Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.

Affected configurations

NVD

Node

quaggaquaggaRange≤0.99.20

quaggaquaggaMatch0.95

quaggaquaggaMatch0.96

quaggaquaggaMatch0.96.1

quaggaquaggaMatch0.96.2

quaggaquaggaMatch0.96.3

quaggaquaggaMatch0.96.4

quaggaquaggaMatch0.96.5

quaggaquaggaMatch0.97.0

quaggaquaggaMatch0.97.1

quaggaquaggaMatch0.97.2

quaggaquaggaMatch0.97.3

quaggaquaggaMatch0.97.4

quaggaquaggaMatch0.97.5

quaggaquaggaMatch0.98.0

quaggaquaggaMatch0.98.1

quaggaquaggaMatch0.98.2

quaggaquaggaMatch0.98.3

quaggaquaggaMatch0.98.4

quaggaquaggaMatch0.98.5

quaggaquaggaMatch0.98.6

quaggaquaggaMatch0.99.1

quaggaquaggaMatch0.99.2

quaggaquaggaMatch0.99.3

quaggaquaggaMatch0.99.4

quaggaquaggaMatch0.99.5

quaggaquaggaMatch0.99.6

quaggaquaggaMatch0.99.7

quaggaquaggaMatch0.99.8

quaggaquaggaMatch0.99.9

quaggaquaggaMatch0.99.10

quaggaquaggaMatch0.99.11

quaggaquaggaMatch0.99.12

quaggaquaggaMatch0.99.13

quaggaquaggaMatch0.99.14

quaggaquaggaMatch0.99.15

quaggaquaggaMatch0.99.16

quaggaquaggaMatch0.99.17

quaggaquaggaMatch0.99.18

quaggaquaggaMatch0.99.19

CPENameOperatorVersion
quagga:quaggaquaggale0.99.20
quagga:quaggaquaggaeq0.95
quagga:quaggaquaggaeq0.96
quagga:quaggaquaggaeq0.96.1
quagga:quaggaquaggaeq0.96.2
quagga:quaggaquaggaeq0.96.3
quagga:quaggaquaggaeq0.96.4
quagga:quaggaquaggaeq0.96.5
quagga:quaggaquaggaeq0.97.0
quagga:quaggaquaggaeq0.97.1

CPE	Name	Operator	Version
quagga:quagga	quagga	le	0.99.20
quagga:quagga	quagga	eq	0.95
quagga:quagga	quagga	eq	0.96
quagga:quagga	quagga	eq	0.96.1
quagga:quagga	quagga	eq	0.96.2
quagga:quagga	quagga	eq	0.96.3
quagga:quagga	quagga	eq	0.96.4
quagga:quagga	quagga	eq	0.96.5
quagga:quagga	quagga	eq	0.97.0
quagga:quagga	quagga	eq	0.97.1