Denial of Service Vulnerability in Quagga BGP Implementation

Denial of Service Vulnerability in Quagga BGP Implementation

CVE-2012-0255 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability).

Learn more about our Web Application Penetration Testing UK.