CVE-2006-2223
published 2006-05-05CVE-2006-2223: RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication…
PriorityP434medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
11.28%
95.4th percentile
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| quagga | quagga | — | — |
| quagga | quagga | — | — |
| quagga | quagga | >= 0 < 0.99.3-2 | 0.99.3-2 |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM
vendor_redhat5.0MEDIUM
vendor_ubuntu5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xx8x-qm77-m9x3: RIPd in Quagga 0
ghsa_unreviewed·2022-05-03
CVE-2006-2223 [MEDIUM] CWE-20 GHSA-xx8x-qm77-m9x3: RIPd in Quagga 0
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.
OSV
CVE-2006-2223: RIPd in Quagga 0
osv·2006-05-05·CVSS 5.0
CVE-2006-2223 [MEDIUM] CVE-2006-2223: RIPd in Quagga 0
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.
Ubuntu
Quagga vulnerabilities
vendor_ubuntu·2006-05-16·CVSS 5.0
CVE-2006-2276 [MEDIUM] Quagga vulnerabilities
Title: Quagga vulnerabilities
Summary: Quagga vulnerabilities
Paul Jakma discovered that Quagga's ripd daemon did not properly
handle authentication of RIPv1 requests. If the RIPv1 protocol had
been disabled, or authentication for RIPv2 had been enabled, ripd
still replied to RIPv1 requests, which could lead to information
disclosure. (CVE-2006-2223)
Paul Jakma also noticed that ripd accepted unauthenticated RIPv1
response packets if RIPv2 was configured to require authentication and
both protocols were allowed. A remote attacker could exploit this to
inject arbitrary routes. (CVE-2006-2224)
Fredrik Widell discovered that Quagga did not properly handle certain
invalid 'sh ip bgp' commands. By sending special commands to Quagga, a
remote attacker with telnet access to the Quagga server
Red Hat
security flaw
vendor_redhat·2006-05-03·CVSS 5.0
CVE-2006-2223 [MEDIUM] security flaw
security flaw
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.
No detection rules found.
Bugzilla
CVE-2006-2223 security flaw
bugzilla·2018-08-16·CVSS 5.0
CVE-2006-2223 [MEDIUM] CVE-2006-2223 security flaw
CVE-2006-2223 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.
Bugzilla
CVE-2006-2223 zebra RIPd information disclosure
bugzilla·2006-05-22·CVSS 5.0
CVE-2006-2223 [MEDIUM] CVE-2006-2223 zebra RIPd information disclosure
CVE-2006-2223 zebra RIPd information disclosure
RIPd in Quagga does not honor version control for REQUEST packets.
Quagga will respond to these packages for RIP versions which have been
disabled, or require authentication. This could cause Quagga to leak
information about the network to a remote attacker.
http://bugzilla.quagga.net/show_bug.cgi?id=261
This issue also affects zebra
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2006-0533.html
Bugzilla
CVE-2006-2223 Quagga RIPd information disclosure
bugzilla·2006-05-08·CVSS 5.0
CVE-2006-2223 [MEDIUM] CVE-2006-2223 Quagga RIPd information disclosure
CVE-2006-2223 Quagga RIPd information disclosure
Quagga RIPd information disclosure
RIPd in Quagga does not honor version control for REQUEST packets.
Quagga will respond to these packages for RIP versions which have been
disabled, or require authentication. This could cause Quagga to leak
information about the network to a remote attacker.
http://bugzilla.quagga.net/show_bug.cgi?id=261
This issue also affects RHEL3
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata
Bugzilla
CVE-2006-2223 Quagga RIPd information disclosure
bugzilla·2006-05-08·CVSS 5.0
CVE-2006-2223 [MEDIUM] CVE-2006-2223 Quagga RIPd information disclosure
CVE-2006-2223 Quagga RIPd information disclosure
Quagga RIPd information disclosure
RIPd in Quagga does not honor version control for REQUEST packets.
Quagga will respond to these packages for RIP versions which have been
disabled, or require authentication. This could cause Quagga to leak
information about the network to a remote attacker.
http://bugzilla.quagga.net/show_bug.cgi?id=261
This issue also affects FC4
Discussion:
quagga-0.98.6-1.FC5 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.
ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.aschttp://bugzilla.quagga.net/show_bug.cgi?id=261http://secunia.com/advisories/19910http://secunia.com/advisories/20137http://secunia.com/advisories/20138http://secunia.com/advisories/20221http://secunia.com/advisories/20420http://secunia.com/advisories/20421http://secunia.com/advisories/20782http://secunia.com/advisories/21159http://securitytracker.com/id?1016204http://www.debian.org/security/2006/dsa-1059http://www.gentoo.org/security/en/glsa/glsa-200605-15.xmlhttp://www.novell.com/linux/security/advisories/2006_17_sr.htmlhttp://www.osvdb.org/25224http://www.redhat.com/support/errata/RHSA-2006-0525.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0533.htmlhttp://www.securityfocus.com/archive/1/432822/100/0/threadedhttp://www.securityfocus.com/archive/1/432823/100/0/threadedhttp://www.securityfocus.com/bid/17808https://exchange.xforce.ibmcloud.com/vulnerabilities/26243https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9985https://usn.ubuntu.com/284-1/ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.aschttp://bugzilla.quagga.net/show_bug.cgi?id=261http://secunia.com/advisories/19910http://secunia.com/advisories/20137http://secunia.com/advisories/20138http://secunia.com/advisories/20221http://secunia.com/advisories/20420http://secunia.com/advisories/20421http://secunia.com/advisories/20782http://secunia.com/advisories/21159http://securitytracker.com/id?1016204http://www.debian.org/security/2006/dsa-1059http://www.gentoo.org/security/en/glsa/glsa-200605-15.xmlhttp://www.novell.com/linux/security/advisories/2006_17_sr.htmlhttp://www.osvdb.org/25224http://www.redhat.com/support/errata/RHSA-2006-0525.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0533.htmlhttp://www.securityfocus.com/archive/1/432822/100/0/threadedhttp://www.securityfocus.com/archive/1/432823/100/0/threadedhttp://www.securityfocus.com/bid/17808https://exchange.xforce.ibmcloud.com/vulnerabilities/26243https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9985https://usn.ubuntu.com/284-1/
2006-05-05
Published