Stack-based Buffer Overflow in Quagga's BGP NLRI Parser

Stack-based Buffer Overflow in Quagga's BGP NLRI Parser

CVE-2016-2342 · HIGH Severity

AV:N/AC:H/AU:N/C:C/I:C/A:C

The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted packet.

Learn more about our Web Application Penetration Testing UK.