CVE-2006-2223

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2006-2223

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-2223.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2006-2223

Related

DSA-1059-1
RHSA-2006:0525
openSUSE-SU-2024:11290-1

Withdrawn

2024-06-30T15:57:02.792399Z

Published

2006-05-05T19:02:00Z

Modified

2024-06-04T04:00:19Z

Summary

[none]

Details

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.

References

ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
http://secunia.com/advisories/19910
http://secunia.com/advisories/20137
http://secunia.com/advisories/20138
http://secunia.com/advisories/20221
http://secunia.com/advisories/20420
http://secunia.com/advisories/20421
http://secunia.com/advisories/20782
http://secunia.com/advisories/21159
http://www.debian.org/security/2006/dsa-1059
http://www.novell.com/linux/security/advisories/2006_17_sr.html
http://www.securityfocus.com/bid/17808
http://bugzilla.quagga.net/show_bug.cgi?id=261
http://securitytracker.com/id?1016204
http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml
http://www.osvdb.org/25224
http://www.redhat.com/support/errata/RHSA-2006-0525.html
http://www.redhat.com/support/errata/RHSA-2006-0533.html
http://www.securityfocus.com/archive/1/432822/100/0/threaded
http://www.securityfocus.com/archive/1/432823/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26243
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9985
https://usn.ubuntu.com/284-1/

Affected packages

Debian:10 / quagga

Package

Name: quagga
Purl: pkg:deb/debian/quagga?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.99.3-2

Ecosystem specific

{
    "urgency": "medium"
}