CVE-2006-2224

Published: May 5, 2006Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.

Affected (5)

Products: Quagga: Quagga Routing Software Suite

1 product

Quagga Routing Software Suite

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Quagga Quagga Routing Software Suite	Up to 0.99.3
Quagga Quagga Routing Software Suite	Version 0.95
Quagga Quagga Routing Software Suite	Version 0.96.2
Quagga Quagga Routing Software Suite	Version 0.96.3
Quagga Quagga Routing Software Suite	Version 0.98.5

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (46)

ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc (unsafe URL)

Source: cve@mitre.org

http://bugzilla.quagga.net/show_bug.cgi?id=262

Source: cve@mitre.org

Patch

http://secunia.com/advisories/19910

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/20137

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/20138

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/20221

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/20420

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/20421

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/20782

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/21159

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1016204

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-1059

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2006_17_sr.html

Source: cve@mitre.org

http://www.osvdb.org/25225

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2006-0525.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2006-0533.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/432823/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/432856/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/17808

Source: cve@mitre.org

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/26251

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10775

Source: cve@mitre.org

https://usn.ubuntu.com/284-1/

Source: cve@mitre.org

ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

http://bugzilla.quagga.net/show_bug.cgi?id=262

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://secunia.com/advisories/19910

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://secunia.com/advisories/20137

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/20138

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/20221

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/20420

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/20421

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/20782

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/21159

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securitytracker.com/id?1016204

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2006/dsa-1059

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2006_17_sr.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/25225

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2006-0525.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2006-0533.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/432823/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/432856/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/17808

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/26251

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10775

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/284-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.