Stack-based Buffer Overflow in Quagga's Zebra Daemon

Stack-based Buffer Overflow in Quagga's Zebra Daemon

CVE-2016-1245 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent.

Learn more about our Web Application Penetration Testing UK.