Mandriva Linux Security Advisory : quagga (MDVSA-2013:254)
Low Nessus Plugin ID 70521
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated quagga packages fix security vulnerability :
Remotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2 (CVE-2013-2236).
Note: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality.
SolutionUpdate the affected packages.