Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. Attackers with the ability to transmit messages from a routing domain router may send specially crafted OSPF messages to poison routing tables within the domain.
Attackers with the ability to transmit messages from a routing domain router may send specially crafted OSPF messages to erase or alter the routing tables of routers within the domain, resulting in denial of service or the re-routing of traffic on the network.
The OSPF protocol is a popular interior routing protocol that is used by many devices and manufacturers. This vulnerability is implementation-specific, so some vendors may not be affected. The Vendor Information section below contains known affected or non-affected vendors. Please consult your network equipment vendor to confirm how they are affected by this vulnerability.
Upstream Bug/Proposed Patch: https://bugzilla.quagga.net/show_bug.cgi?id=493
Bug 493 on bugzilla.quagga.net has nothing to do with this issue
Red Hat guys closed this as WONTFIX, upstream seems not to care at all, our move - ?
Sergey, your call as the maintainer. Considering Red Hat closed with "Won't Fix", it is up to you if you want to do the same. Considering that upstream does not care, we can leave it as a trackable open, or close it as Red Hat has done.
So many other hardening measures to protect against this.
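As an added illustration (not code from the advisory, Quagga, or any vendor), the sketch below implements the LSA recency comparison of RFC 2328 section 13.1, the decision the advisory describes as mishandled at MaxSequenceNumber, together with a monitoring check for received LSAs that carry that sequence number. The `lsa_hdr` struct, `lsa_maxseq_check` and its verdict names are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Architectural constants, RFC 2328 Appendix B. */
#define OSPF_MAX_AGE      3600       /* MaxAge, seconds */
#define OSPF_MAX_AGE_DIFF 900        /* MaxAgeDiff, seconds */
#define OSPF_MAX_SEQ      INT32_MAX  /* MaxSequenceNumber, 0x7fffffff */

/* Only the LSA header fields used by the recency decision. */
struct lsa_hdr {
    uint16_t age;       /* LS age, seconds */
    int32_t  seq;       /* LS sequence number, compared as signed 32-bit */
    uint16_t checksum;  /* LS checksum */
};

/* RFC 2328 section 13.1: 1 if a is more recent, -1 if b is, 0 if same. */
int lsa_more_recent(const struct lsa_hdr *a, const struct lsa_hdr *b)
{
    if (a->seq != b->seq)
        return a->seq > b->seq ? 1 : -1;
    if (a->checksum != b->checksum)
        return a->checksum > b->checksum ? 1 : -1;
    int a_max = a->age >= OSPF_MAX_AGE, b_max = b->age >= OSPF_MAX_AGE;
    if (a_max != b_max)
        return a_max ? 1 : -1;                 /* the MaxAge instance wins */
    int diff = (int)a->age - (int)b->age;
    if (diff > OSPF_MAX_AGE_DIFF)  return -1;  /* the smaller age wins */
    if (diff < -OSPF_MAX_AGE_DIFF) return 1;
    return 0;
}

enum lsa_verdict { LSA_OK, LSA_MAXSEQ_FLUSH, LSA_MAXSEQ_LIVE };

/* Hypothetical monitoring hook (name and verdicts are assumptions):
 * classify a received LSA by whether it carries MaxSequenceNumber. */
enum lsa_verdict lsa_maxseq_check(const struct lsa_hdr *rx)
{
    if (rx->seq != OSPF_MAX_SEQ)
        return LSA_OK;
    return rx->age >= OSPF_MAX_AGE ? LSA_MAXSEQ_FLUSH : LSA_MAXSEQ_LIVE;
}

int main(void)
{
    /* Constructed sample headers, not captured traffic. */
    struct lsa_hdr db = { 120, INT32_MIN + 42, 0x4a31 };
    struct lsa_hdr rx = { 5, OSPF_MAX_SEQ, 0x9c10 };
    printf("received vs database copy: %d, verdict: %d\n",
           lsa_more_recent(&rx, &db), lsa_maxseq_check(&rx));
    return 0;
}
```

RFC 2328 section 12.1.6 has the originator flush an LSA by premature aging before its sequence number wraps, which is the `LSA_MAXSEQ_FLUSH` case. At one origination per MinLSInterval (5 seconds) a sequence number needs centuries to reach MaxSequenceNumber, so `LSA_MAXSEQ_LIVE` on a production network is worth an alert.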