CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
91.5%
XORP (eXtensible Open Router Platform) 1.2 and 1.3 allows remote attackers to cause a denial of service (application crash) via an Open Shortest Path First (OSPF) Link State Advertisement (LSA) with an invalid LSA length field.
Vendor | Product | Version | CPE |
---|---|---|---|
xorp | extensible_open_router_platform | 1.2 | cpe:2.3:a:xorp:extensible_open_router_platform:1.2:*:*:*:*:*:*:* |
xorp | extensible_open_router_platform | 1.3 | cpe:2.3:a:xorp:extensible_open_router_platform:1.3:*:*:*:*:*:*:* |
labs.musecurity.com/advisories/MU-200610-01.txt
marc.info/?l=full-disclosure&m=116115975806681&w=2
secunia.com/advisories/22462
securitytracker.com/id?1017079
www.securityfocus.com/bid/20597
www.vupen.com/english/advisories/2006/4107
www.xorp.org/advisories/XORP_SA_06:01.ospf.txt
exchange.xforce.ibmcloud.com/vulnerabilities/29658