This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote service may be affected by a buffer overflow
According to its self-reported version number, the installation of
Quagga listening on the remote host is potentially affected by a
stack-based buffer overflow that occurs in the OSPF API server
('ospf_api.c') when it receives an LSA larger than 1488 bytes.
The vulnerability is only present when Quagga is compiled with the
'--enable-opaque-lsa' flag and the OSPF API server is running (ospfd is
run with the '-a' parameter). Exploitation of this issue may lead to a
denial of service or arbitrary code execution.
See also :
Upgrade to version 0.99.22.2 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : false
Nessus Plugin ID: 70761 ()
Bugtraq ID: 60955
CVE ID: CVE-2013-2236
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.