diff options
author | CROSS <info@codenomicon.com> | 2011-09-26 13:17:05 +0400 |
---|---|---|
committer | Denis Ovsienko <infrastation@yandex.ru> | 2011-09-26 18:39:37 +0400 |
commit | a1afbc6e1d56b06409de5e8d7d984d565817fd96 (patch) | |
tree | a45dfa998baab938e8373950b7bf4c7af60f6dc1 /ospfd/ospf_flood.c | |
parent | 3eca6f099d5a3aac0b66dfbf98fd8be84ea426b7 (diff) |
bgpd: CVE-2011-3327 (ext. comm. buffer overflow)
This vulnerability (CERT-FI #513254) was reported by CROSS project.
They have also suggested a fix to the problem, which was found
acceptable.
The problem occurs when bgpd receives an UPDATE message containing
255 unknown AS_PATH attributes in Path Attribute Extended Communities.
This causes a buffer overlow in bgpd.
* bgp_ecommunity.c
* ecommunity_ecom2str(): perform size check earlier
Diffstat (limited to 'ospfd/ospf_flood.c')
0 files changed, 0 insertions, 0 deletions