RIP-2 Poisoning Routing Table Modification

medium Nessus Plugin ID 39589

Language:

Synopsis

It might be possible to hijack connections on this network.

Description

This host is running a RIP-2 agent.

RIP-2 requests can be authenticated but Nessus cannot check this in the current configuration.

If authentication is not implemented, an attacker on the same network may feed the target machine bogus routes and hijack network connections.

Note that this may be a false positive.

Solution

Either disable the RIP agent if it is not used or implement RIP-2 authentication.

Plugin Details

Severity: Medium

ID: 39589

File Name: rip2_poison_lan.nasl

Version: Revision: 1.7

Type: remote

Family: Misc.

Published: 7/2/2009

Updated: 12/9/2016

Supported Sensors: Nessus

Vulnerability Information

Required KB Items: Services/udp/rip

Detections

Analytics