oss-sec mailing list archives
Re: CVE request: Quagga OSPF-API stack overrun
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 03 Jul 2013 20:06:28 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/03/2013 03:14 PM, David Lamparter wrote:
Hi, I guess I need a CVE number for this, we've discovered a local network exploitable stack overrun in Quagga's ospfd. Reference: http://lists.quagga.net/pipermail/quagga-dev/2013-July/010621.html Cheers, -David (Quagga maintainer)
Please use CVE-2013-2236 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJR1NikAAoJEBYNRVNeJnmTAG4QANY+YzJfkiSoHeuAg7sjlJvt iEYl7tGVg3eejA18SrqiBtFv9/QT+8gyvHStlAO8VK/nVwIB1vuH8zbLMDq/77rg c94f/NCfUk6LNDhOx8HrjX6hDmrYpJZ3wAF+8cuu2iIew04Bpov2O1VMyWqisshM N4zo2cYKObeqlnVjMr8Nq42A11Jk99vXq2QTRDX3IKiZDFKLThue+G4gG25ffGUD Rf1vFY99ctcNbNai+CaujkdO+JnlM6t3Na4mK/1RD/ZAqjtLoAHQyJdCmO72dKe6 K3Ew2z9NcD4tA0IJ6MsF+HbMKdRLxXN89aI95/McKjTxhcImDwVGyOVNCQYfs00E y5OKUASrfHauQkvdHfbQ3toeCaYe8pJB+87PBlqq5DWE0QXFqXcqdRoB43m+K1/z mvQW8zvlg0VZaozScM9xeVNoRWwHSk+biMCixkbCydb915VKGVCWmAIYIKoTjEQd 8wEH7rq8W42lgZ/rPhK7bErPbRIIhSQPGgi1PVB6BoImbDx0wrWoauaXaW3zqgSl kHszTObV3atTCmAEUzIjYk6rod3mLzl8zvVqfaW9yXfaihBmjJpWuv0jRrmLb5iP dq/30TF4rLD2D3liwDocerzDSP8T4Mhd5/BcU/VvQmdKCCR2U7B8Y1rhaxpW4/Aa 1G5X8ZlaG7HNSdV10VWG =/ILj -----END PGP SIGNATURE-----
Current thread:
- CVE request: Quagga OSPF-API stack overrun David Lamparter (Jul 03)
- Re: CVE request: Quagga OSPF-API stack overrun Kurt Seifried (Jul 03)