PT-2006-6144 · Xorp · Xorp

Published

2006-10-20

Updated

2017-07-20

CVE-2006-5425

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions XORP (eXtensible Open Router Platform) versions 1.2 through 1.3

Description The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by sending an Open Shortest Path First (OSPF) Link State Advertisement (LSA) with an invalid LSA length field.

Recommendations For XORP (eXtensible Open Router Platform) versions 1.2 through 1.3, consider restricting or validating OSPF LSA packets to prevent the application crash until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5425

Affected Products

Xorp

PT-2006-6144 · Xorp · Xorp

CVE-2006-5425

Related Identifiers

Affected Products

References · 9