[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-2224Date: (C)2006-05-05   (M)2023-12-22


RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
SECTRACK-1016204
BID-17808
SECUNIA-19910
http://www.securityfocus.com/archive/1/432856/100/0/threaded
http://www.securityfocus.com/archive/1/432823/100/0/threaded
20060602-01-U
SECUNIA-20137
SECUNIA-20138
SECUNIA-20221
SECUNIA-20420
SECUNIA-20421
SECUNIA-20782
SECUNIA-21159
OSVDB-25225
DSA-1059
GLSA-200605-15
RHSA-2006:0525
RHSA-2006:0533
SUSE-SR:2006:017
USN-284-1
http://bugzilla.quagga.net/show_bug.cgi?id=262
oval:org.mitre.oval:def:10775
quagga-ripd-ripv1-response-security-bypass(26251)

CWE    1
CWE-287

© SecPod Technologies