CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
90.7%
The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly
use message buffers for OPEN messages, which allows remote attackers to
cause a denial of service (assertion failure and daemon exit) via a message
associated with a malformed Four-octet AS Number Capability (aka AS4
capability).