CVE-2011-3324

N/A Unknown

Published: October 10, 2011 Modified: April 29, 2026

Description

The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=09395e2a0e93b2cf4258cb1de91887948796bb68

Source: cret@cert.org

http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00027.html

Source: cret@cert.org

http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00007.html

Source: cret@cert.org

http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00010.html

Source: cret@cert.org

http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html

Source: cret@cert.org

http://rhn.redhat.com/errata/RHSA-2012-1258.html

Source: cret@cert.org

http://rhn.redhat.com/errata/RHSA-2012-1259.html

Source: cret@cert.org

http://secunia.com/advisories/46139

Source: cret@cert.org

Vendor Advisory

http://secunia.com/advisories/46274

Source: cret@cert.org

http://secunia.com/advisories/48106

Source: cret@cert.org

http://security.gentoo.org/glsa/glsa-201202-02.xml

Source: cret@cert.org

http://www.debian.org/security/2011/dsa-2316

Source: cret@cert.org

http://www.kb.cert.org/vuls/id/668534

Source: cret@cert.org

US Government Resource

http://www.quagga.net/download/quagga-0.99.19.changelog.txt

Source: cret@cert.org

https://www.cert.fi/en/reports/2011/vulnerability539178.html

Source: cret@cert.org

http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=09395e2a0e93b2cf4258cb1de91887948796bb68

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00027.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00007.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00010.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2012-1258.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2012-1259.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/46139

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/46274

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48106

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-201202-02.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2011/dsa-2316

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/668534

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.quagga.net/download/quagga-0.99.19.changelog.txt

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.cert.fi/en/reports/2011/vulnerability539178.html

Source: af854a3a-2127-422b-91ae-364da2661108

30 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

4.7%

91th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-399

Affected Vendors

quagga

Related CVEs

CVE-2026-9677 N/A

CVE-2026-13245 6.1

CVE-2026-12404 5.3

CVE-2026-10820 N/A

CVE-2026-12415 9.8