Summary
A remote DoS exists in Zebra and/or Quagga when sending a telnet option delimiter with no actual option data.
An attacker may exploit this flaw to prevent this host from doing proper routing.
This affects all versions from 0.90a to 0.93b.
Solution
Quagga Version 0.96.4.
Also see: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=107140
Severity
Classification
-
CVE CVE-2003-0795, CVE-2003-0858 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
- ClamAV Recursion Level Handling Denial of Service Vulnerability (Windows)
- AVG Anti-Virus UPX Processing Denial of Service Vulnerability
- Asterisk T.38 Negotiation Remote Denial Of Service Vulnerability
- Apache Tomcat Content-Type Header Denial Of Service Vulnerability