Detections
Analytics
CVE-2006-2223
high
Description
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9985
https://exchange.xforce.ibmcloud.com/vulnerabilities/26243
http://www.securityfocus.com/archive/1/432823/100/0/threaded
http://www.securityfocus.com/archive/1/432822/100/0/threaded
http://www.redhat.com/support/errata/RHSA-2006-0533.html
http://www.redhat.com/support/errata/RHSA-2006-0525.html
http://www.novell.com/linux/security/advisories/2006_17_sr.html
http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml
http://www.debian.org/security/2006/dsa-1059
http://securitytracker.com/id?1016204
http://secunia.com/advisories/21159
http://secunia.com/advisories/20782
http://secunia.com/advisories/20421
http://secunia.com/advisories/20420
http://secunia.com/advisories/20221
http://secunia.com/advisories/20138
http://secunia.com/advisories/20137