Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2006-2276

Published: 10/05/2006 Updated: 03/10/2018
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Quagga

Vulnerability Summary

bgpd in Quagga 0.98 and 0.99 prior to 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface.

Vulnerable Product Search on Vulmon Subscribe to Product

quagga quagga 0.98.5

quagga quagga 0.99.3

Vendor Advisories

Ubuntu Security Notice: quagga vulnerabilities
Paul Jakma discovered that Quagga’s ripd daemon did not properly handle authentication of RIPv1 requests If the RIPv1 protocol had been disabled, or authentication for RIPv2 had been enabled, ripd still replied to RIPv1 requests, which could lead to information disclosure (CVE-2006-2223) ...
Debian CVElist Bug Report Logs: CVE-2006-2276: bgpd denial of service in bgpd telnet interface
Debian Bug report logs - #366980 CVE-2006-2276: bgpd denial of service in bgpd telnet interface Package: quagga; Maintainer for quagga is Brett Parker <iDunno@sommitrealweirdcouk>; Source for quagga is src:quagga (PTS, buildd, popcon) Reported by: Stefan Fritsch <sf@sfritschde> Date: Fri, 12 May 2006 16:18:11 UTC ...
Debian CVElist Bug Report Logs: SECURITY: Quagga RIPD unauthenticated route injection
Debian Bug report logs - #365940 SECURITY: Quagga RIPD unauthenticated route injection Package: quagga; Maintainer for quagga is Brett Parker <iDunno@sommitrealweirdcouk>; Source for quagga is src:quagga (PTS, buildd, popcon) Reported by: Christian Hammers <ch@debianorg> Date: Wed, 3 May 2006 20:48:31 UTC Severi ...
Debian Security Advisories: DSA-1059-1 quagga -- several vulnerabilities
Konstantin Gavrilenko discovered several vulnerabilities in quagga, the BGP/OSPF/RIP routing daemon The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-2223 Remote attackers may obtain sensitive information via RIPv1 REQUEST packets even if the quagga has been configured to use MD5 authenticati ...

References

CWE-399http://lists.quagga.net/pipermail/quagga-dev/2006-March/004052.htmlhttp://www.quagga.net/news2.php?y=2006&m=5&d=4#id1146764580http://www.osvdb.org/25245http://www.securityfocus.com/bid/17979http://secunia.com/advisories/20116http://secunia.com/advisories/20137http://www.debian.org/security/2006/dsa-1059http://www.gentoo.org/security/en/glsa/glsa-200605-15.xmlhttp://secunia.com/advisories/20138http://secunia.com/advisories/20221http://www.redhat.com/support/errata/RHSA-2006-0525.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0533.htmlhttp://securitytracker.com/id?1016204http://secunia.com/advisories/20420http://secunia.com/advisories/20421ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.aschttp://secunia.com/advisories/20782https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10651https://usn.ubuntu.com/284-1/https://usn.ubuntu.com/284-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook