CVE-2013-2236
Published: 23 October 2013
Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.
Notes
Author | Note |
---|---|
jdstrand | requires --enable-opaque-lsa during the build (true for Ubuntu 10.04 LTS and higher) also requires starting ospfd with '-a'. ospfd is not enabled by default and the configuration in /etc/quagga/debian.conf does not include '-a'. Per upstream, normal protection measures (eg, packet filtering, listening on internal network, etc) would prevent this. Furthermore, it is difficult to exploit. Considering the above, downgrading to 'low' |
Priority
Status
Package | Release | Status |
---|---|---|
quagga Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(0.99.20.1-0ubuntu0.12.04.4)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Does not exist
(trusty was not-affected [0.99.22.4-1])
|
|
upstream |
Released
(0.99.22.3)
|
|
utopic |
Not vulnerable
(0.99.22.4-1)
|
|
vivid |
Not vulnerable
(0.99.22.4-1)
|
|
wily |
Not vulnerable
(0.99.22.4-1)
|
|
Patches: proposed: http://lists.quagga.net/pipermail/quagga-dev/2013-July/010625.html upstream: http://lists.quagga.net/pipermail/quagga-dev/2013-July/010639.html vendor: http://www.debian.org/security/2013/dsa-2803 upstream: http://git.savannah.gnu.org/gitweb/?p=quagga.git;a=commit;h=c51443f4aa6b7f0b0d6ad5409ad7d4b215092443 |