CVE-2010-2948

Name of the Vulnerable Software and Affected Versions Quagga versions prior to 0.99.17 Quagga versions 0.98.3 and 0.98.6

Description The issue concerns multiple vulnerabilities in the Quagga package, which can lead to a disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely by an attacker who has passed the authentication procedure. Specifically, a stack-based buffer overflow in the bgp route refresh receive function in bgp packet.c in bgpd allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF) record in a BGP ROUTE-REFRESH (RR) message.

Recommendations For Quagga versions prior to 0.99.17, update to version 0.99.17 or later to resolve the issue. For Quagga versions 0.98.3 and 0.98.6, consider disabling the bgp route refresh receive function as a temporary workaround until a patch is available. Restrict access to the vulnerable bgpd module to minimize the risk of exploitation. Avoid using the bgp packet.c file in the affected Quagga package until the issue is resolved. At the moment, there is no information about additional mitigation measures.