5

CVE-2006-2223

Exploit
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QuaggaQuagga Version0.98.5
QuaggaQuagga Version0.99.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 11.28% 0.954
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
http://secunia.com/advisories/20782
Vendor Advisory
http://bugzilla.quagga.net/show_bug.cgi?id=261
http://secunia.com/advisories/19910
Patch
Vendor Advisory
http://secunia.com/advisories/20137
Vendor Advisory
http://secunia.com/advisories/20138
Vendor Advisory
http://secunia.com/advisories/20221
Vendor Advisory
http://secunia.com/advisories/20420
Vendor Advisory
http://secunia.com/advisories/20421
Vendor Advisory
http://secunia.com/advisories/21159
Vendor Advisory
http://securitytracker.com/id?1016204
http://www.debian.org/security/2006/dsa-1059
http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml
http://www.novell.com/linux/security/advisories/2006_17_sr.html
http://www.osvdb.org/25224
http://www.redhat.com/support/errata/RHSA-2006-0525.html
http://www.redhat.com/support/errata/RHSA-2006-0533.html
http://www.securityfocus.com/archive/1/432822/100/0/threaded
http://www.securityfocus.com/archive/1/432823/100/0/threaded
http://www.securityfocus.com/bid/17808
Patch
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/26243
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9985
https://usn.ubuntu.com/284-1/