This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote service may be affected by a buffer overflow
According to its self-reported version number, the installation of
Quagga listening on the remote host is potentially affected by a
stack-based buffer overflow that occurs in the OSPF API server
('ospf_api.c') when it receives an LSA larger than 1488 bytes.
The vulnerability is only present when Quagga is compiled with the
'--enable-opaque-lsa' flag and the OSPF API server is running (ospfd is
run with the '-a' parameter). Exploitation of this issue may lead to a
denial of service or arbitrary code execution.
See also :
Upgrade to version 0.99.22.2 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : false