Heap-based Buffer Overflow in Quagga BGP Daemon Allows Remote Code Execution

Heap-based Buffer Overflow in Quagga BGP Daemon Allows Remote Code Execution

CVE-2011-3327 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4.

Learn more about our Web Application Penetration Testing UK.