CVE-2006-2224
EPSS 20.2%Published: 5/5/2006Modified: 6/4/2024
Description
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.
Affected packages (1)
- Debian/quaggafrom 0, < 0.99.3-2
References (23)
- ADVISORYftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
- ADVISORYhttp://secunia.com/advisories/20137
- ADVISORYhttp://secunia.com/advisories/20138
- ADVISORYhttp://secunia.com/advisories/20221
- ADVISORYhttp://secunia.com/advisories/20420
- ADVISORYhttp://secunia.com/advisories/20421
- ADVISORYhttp://secunia.com/advisories/20782
- ADVISORYhttp://secunia.com/advisories/21159
- ADVISORYhttp://www.debian.org/security/2006/dsa-1059
- ADVISORYhttp://www.novell.com/linux/security/advisories/2006_17_sr.html
- PATCHhttp://bugzilla.quagga.net/show_bug.cgi?id=262
- PATCHhttp://secunia.com/advisories/19910
- PATCHhttp://www.securityfocus.com/bid/17808
- WEBhttp://securitytracker.com/id?1016204
- WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/26251
- WEBhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10775
- WEBhttps://usn.ubuntu.com/284-1/
- WEBhttp://www.gentoo.org/security/en/glsa/glsa-200605-15.xml
- WEBhttp://www.osvdb.org/25225
- WEBhttp://www.redhat.com/support/errata/RHSA-2006-0525.html
- WEBhttp://www.redhat.com/support/errata/RHSA-2006-0533.html
- WEBhttp://www.securityfocus.com/archive/1/432823/100/0/threaded
- WEBhttp://www.securityfocus.com/archive/1/432856/100/0/threaded