CVE-2016-1245
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-1245
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-1245.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-1245
- Related
- Published
- 2017-02-22T23:59:00Z
- Modified
- 2024-08-01T07:30:41.201195Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent.
- References
-
- http://rhn.redhat.com/errata/RHSA-2017-0794.html
- http://www.securityfocus.com/bid/93775
- https://security.gentoo.org/glsa/201701-48
- https://www.debian.org/security/2016/dsa-3695
- http://www.gossamer-threads.com/lists/quagga/users/31952
- https://github.com/Quagga/quagga/commit/cfb1fae25f8c092e0d17073eaf7bd428ce1cd546
- https://bugzilla.redhat.com/show_bug.cgi?id=1386109
Affected packages
Git / github.com/quagga/quagga
Affected ranges
- Type
- GIT
- Repo
- https://github.com/quagga/quagga
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
RE-0.*
RE-0.99.17.1
RE-0.99.17.2
RE-0.99.17.3
RE-0.99.17.4
RE-0.99.17.5
RE-0.99.17.6
Other
bgp_rserver_after
bgp_rserver_before
import_isisd_sf_20031223
libtool-after
libtool-before
merge_zprivs_head_1
merge_zprivs_head_2
merge_zprivs_head_3
merge_zprivs_head_4
nonblocking_zclient_after
nonblocking_zclient_before
nonblocking_zserv_after
nonblocking_zserv_before
ospf_api
patch_revert_debug_nssa_patch
patch_vtysh_add_ssh_fix
patch_vtysh_pagesize
patch_z12269_linkstate
patch_z14599_multicast_inactive_if
patch_z14631_ptp_rfc3021
patch_z14800_ospfd_ptmp
patch_z15554_vtysh_writeconf
patch_z15646_ospfd_seqnum_time
patch_z15715_ospf_md5
patch_z15769_ripv1
patch_z16525_kame
patch_z16681_ospfd_nssa
patch_z16823
patch_z16824_nsm_kill_neighbour
patch_z17217_show_thread_cpu
patch_z17218_cli_walk_up
patch_z17290_ifupstaticfix
patch_z17290_portfix
patch_z17335_ospfd_doc
patch_z17352_ptp_network_match
post_bgp_workqueus
pre-rfc2301
pre_bgp_workqueus
quagga_0_96_1_release
quagga_0_96_2_release
quagga_0_96_3_release
quagga_0_96_4_release
quagga_0_96_5_release
quagga_0_96_release
quagga_0_97_0_release
quagga_0_97_1_release
quagga_0_97_2_release
quagga_0_97_3_release
quagga_0_97_4_release
quagga_0_97_5_release
quagga_0_98_0_release
quagga_0_99_10_release
quagga_0_99_11_release
quagga_0_99_12_release
quagga_0_99_13_release
quagga_0_99_14_release
quagga_0_99_15_release
quagga_0_99_16_release
quagga_0_99_17_release
quagga_0_99_18_release
quagga_0_99_19_release
quagga_0_99_1_release
quagga_0_99_20_release
quagga_0_99_21_release
quagga_0_99_2_release
quagga_0_99_3_release
quagga_0_99_4_release
quagga_0_99_5_release
quagga_0_99_6_release
quagga_0_99_7_release
quagga_0_99_8_release
quagga_0_99_9_release
quagga_post_listloop_cleanup
quagga_pre_listloop_cleanup
rfc3021-ipv6-fix
quagga-0.*
quagga-0.99.22
quagga-0.99.22-rc1
quagga-0.99.23
quagga-0.99.23-rc1
quagga-0.99.24
quagga-0.99.24-rc1
quagga-1.*
quagga-1.0.20160309
quagga-1.0.20160315