PatchSiren

Quagga CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH | Quagga | CVE published 2017-01-24

CVE-2017-5495

CVE-2017-5495 describes a denial-of-service flaw in Quagga’s telnet-based vty CLI. If the CLI is exposed, a remote attacker who can reach the TCP port can send input without a newline and cause the vty buffer to grow without bound, driving unbounded memory allocation. The impact ranges from daemon termination to full host memory exhaustion. The CVE record notes the issue is fixed in Quagga 1.1.1 and the F [truncated]