summaryrefslogtreecommitdiff
path: root/HACKING
diff options
context:
space:
mode:
authorCROSS <info@codenomicon.com>2011-09-26 13:17:05 +0400
committerDenis Ovsienko <infrastation@yandex.ru>2011-09-26 18:46:16 +0400
commit94431dbc753171b48b5c6806af97fd690813b00a (patch)
tree463b917f9f80236be01e4502863b34ae2d52b53d /HACKING
parenta0bf59bcac8b40c3f83e7f2e7f65087ece6acfc7 (diff)
bgpd: CVE-2011-3327 (ext. comm. buffer overflow)
This vulnerability (CERT-FI #513254) was reported by CROSS project. They have also suggested a fix to the problem, which was found acceptable. The problem occurs when bgpd receives an UPDATE message containing 255 unknown AS_PATH attributes in Path Attribute Extended Communities. This causes a buffer overlow in bgpd. * bgp_ecommunity.c * ecommunity_ecom2str(): perform size check earlier
Diffstat (limited to 'HACKING')
0 files changed, 0 insertions, 0 deletions