
CVE-2006-2223

Published: 05/05/2006 Updated: 18/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

RIPd in Quagga 0.98 and 0.99 prior to 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote malicious users to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.

Vulnerable Product

quagga quagga 0.98.5

quagga quagga 0.99.3

Vendor Advisories

Debian Bug report logs - #365940 SECURITY: Quagga RIPD unauthenticated route injection. Package: quagga; Maintainer for quagga is Brett Parker <iDunno@sommitrealweird.co.uk>; Source for quagga is src:quagga. Reported by: Christian Hammers <ch@debian.org>. Date: Wed, 3 May 2006 20:48:31 UTC. Severi ...
Paul Jakma discovered that Quagga's ripd daemon did not properly handle authentication of RIPv1 requests. If the RIPv1 protocol had been disabled, or authentication for RIPv2 had been enabled, ripd still replied to RIPv1 requests, which could lead to information disclosure (CVE-2006-2223) ...
Konstantin Gavrilenko discovered several vulnerabilities in quagga, the BGP/OSPF/RIP routing daemon. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-2223: Remote attackers may obtain sensitive information via RIPv1 REQUEST packets even if the quagga has been configured to use MD5 authenticati ...

Exploits

source: www.securityfocus.com/bid/17808/info. Quagga is susceptible to remote information-disclosure and route-injection vulnerabilities. The application fails to properly ensure that required authentication and protocol configuration options are enforced. These issues allow remote attackers to gain access to potentially sensitive network-r ...