{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T09:53:15.918","vulnerabilities":[{"cve":{"id":"CVE-2016-1245","sourceIdentifier":"security@debian.org","published":"2017-02-22T23:59:00.143","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent."},{"lang":"es","value":"Se descubrió que el demonio zebra en Quagga en versiones anteriores a 1.0.20161017 sufrió un desbordamiento de búfer basado en pila al procesar mensajes de Neighbor Discovery de IPv6. La causa raíz radicaba en BUFSIZ para ser compatible con un tamaño de mensaje; sin embargo, BUFSIZ depende del sistema."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*","versionEndIncluding":"1.0.20160315","matchCriteriaId":"B646D43D-A1C2-441B-90CE-2929F7BB072A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}]}]}],"references":[{"url":"http://rhn.redhat.com/errata/RHSA-2017-0794.html","source":"security@debian.org"},{"url":"http://www.gossamer-threads.com/lists/quagga/users/31952","source":"security@debian.org","tags":["Mailing List","Mitigation","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/93775","source":"security@debian.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1386109","source":"security@debian.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/Quagga/quagga/commit/cfb1fae25f8c092e0d17073eaf7bd428ce1cd546","source":"security@debian.org","tags":["Patch","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201701-48","source":"security@debian.org"},{"url":"https://www.debian.org/security/2016/dsa-3695","source":"security@debian.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2017-0794.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.gossamer-threads.com/lists/quagga/users/31952","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Mitigation","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/93775","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1386109","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/Quagga/quagga/commit/cfb1fae25f8c092e0d17073eaf7bd428ce1cd546","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201701-48","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.debian.org/security/2016/dsa-3695","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}