Stack-based buffer overflow in the bgp_route_refresh_receive function in
bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated
users to cause a denial of service (daemon crash) or possibly execute
arbitrary code via a malformed Outbound Route Filtering (ORF) record in a
BGP ROUTE-REFRESH (RR) message.
Updated: 2015-07-29 20:38:49 UTC (commit 9756)