cbcvebase.
CVE-2006-2224
published 2006-05-05

CVE-2006-2224: RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state…

PriorityP343medium5CVSS 2.0
AVNACLAuNCNIPAN
EXPLOIT
EPSS
10.36%
95.1th percentile
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.

Affected

6 ranges
VendorProductVersion rangeFixed in
quaggaquagga>= 0 < 0.99.3-20.99.3-2
quaggaquagga_routing_software_suite<= 0.99.3
quaggaquagga_routing_software_suite
quaggaquagga_routing_software_suite
quaggaquagga_routing_software_suite
quaggaquagga_routing_software_suite

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
osv5.0MEDIUM
vendor_redhat5.0MEDIUM
vendor_ubuntu5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.