Your submission was sent successfully! Close

CVE-2012-0249

Published: 5 April 2012

Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.

Priority

Medium

Status

Package Release Status
quagga
Launchpad, Ubuntu, Debian
hardy Ignored
(reached end-of-life)
lucid
Released (0.99.20.1-0ubuntu0.10.04.2)
maverick Ignored
(reached end-of-life)
natty
Released (0.99.20.1-0ubuntu0.11.04.2)
oneiric
Released (0.99.20.1-0ubuntu0.11.10.2)
precise
Released (0.99.20.1-0ubuntu0.12.04.2)
upstream
Released (0.99.20.1-1)