VDB
CVE-2006-2223
CVE-2006-2223
PUBLISHED
Reported by mitre · Published May 5, 2006
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, n/a, n/a |
Exploit Intelligence
- http://www.securityfocus.com/bid/17808 (vulncheck-nvd)
Timeline
- May 3, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- SUSE-SR:2006:017 vendor-advisoryx_refsource_SUSE
- USN-284-1 vendor-advisoryx_refsource_UBUNTU
- quagga-ripv1-information-disclosure(26243) vdb-entryx_refsource_XF
- 20782 third-party-advisoryx_refsource_SECUNIA
- 20138 third-party-advisoryx_refsource_SECUNIA
- 20060503 Re: Quagga RIPD unauthenticated route injection mailing-listx_refsource_BUGTRAQ
- 20421 third-party-advisoryx_refsource_SECUNIA
- 20060602-01-U vendor-advisoryx_refsource_SGI
- 25224 vdb-entryx_refsource_OSVDB
- RHSA-2006:0525 vendor-advisoryx_refsource_REDHAT
- 20137 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- 1016204 vdb-entryx_refsource_SECTRACK
- 19910 third-party-advisoryx_refsource_SECUNIA
- oval:org.mitre.oval:def:9985 vdb-entrysignaturex_refsource_OVAL
- 17808 vdb-entryx_refsource_BID
- RHSA-2006:0533 vendor-advisoryx_refsource_REDHAT
- GLSA-200605-15 vendor-advisoryx_refsource_GENTOO
- 21159 third-party-advisoryx_refsource_SECUNIA
- 20060503 Quagga RIPD unauthenticated route table broadcast mailing-listx_refsource_BUGTRAQ
…and 3 more