5

CVE-2006-2224

Exploit
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.36% 0.951
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
http://secunia.com/advisories/20782
Vendor Advisory
http://secunia.com/advisories/19910
Patch
Vendor Advisory
http://secunia.com/advisories/20137
Vendor Advisory
http://secunia.com/advisories/20138
Vendor Advisory
http://secunia.com/advisories/20221
Vendor Advisory
http://secunia.com/advisories/20420
Vendor Advisory
http://secunia.com/advisories/20421
Vendor Advisory
http://secunia.com/advisories/21159
Vendor Advisory
http://securitytracker.com/id?1016204
http://www.debian.org/security/2006/dsa-1059
http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml
http://www.novell.com/linux/security/advisories/2006_17_sr.html
http://www.redhat.com/support/errata/RHSA-2006-0525.html
http://www.redhat.com/support/errata/RHSA-2006-0533.html
http://www.securityfocus.com/archive/1/432823/100/0/threaded
http://www.securityfocus.com/bid/17808
Patch
Exploit
https://usn.ubuntu.com/284-1/
http://bugzilla.quagga.net/show_bug.cgi?id=262
Patch
http://www.osvdb.org/25225
http://www.securityfocus.com/archive/1/432856/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26251
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10775