Back to search
CVE-2016-4049
Published: May 23, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2017:0794
vendor-advisory
x_refsource_REDHAT
GLSA-201701-48
vendor-advisory
x_refsource_GENTOO
1035699
vdb-entry
x_refsource_SECTRACK
[oss-security] 20160427 CVE-2016-4049: Denial of Service Vulnerability in Quagga BGP Routing Daemon (bgpd)
mailing-list
x_refsource_MLIST
openSUSE-SU-2016:1313
vendor-advisory
x_refsource_SUSE
[quagga-dev] 20160125 [quagga-dev 14619] SIGABRT while dumping BGP routes (bgpd)
mailing-list
x_refsource_MLIST
88561
vdb-entry
x_refsource_BID
[quagga-dev] 20160203 [quagga-dev 14663] Re: SIGABRT while dumping BGP routes (bgpd)
mailing-list
x_refsource_MLIST
DSA-3654
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now