CVE-2006-2223

2006-05-0500:00:00

ubuntu.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.017 Low

EPSS

Percentile

87.7%

JSON

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement
configurations that (1) disable RIPv1 or (2) require plaintext or MD5
authentication, which allows remote attackers to obtain sensitive
information (routing state) via REQUEST packets such as SEND UPDATE.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchquagga< 0.99.2-1ubuntu3.3UNKNOWN
ubuntu6.10noarchquagga< 0.99.4-4ubuntu1.2UNKNOWN
ubuntu7.04noarchquagga< 0.99.6-2ubuntu3.2UNKNOWN