CVE-2006-2224

Published May 5, 2006

Last updated 3 months ago

CVSS info 5.0

Overview

Description: RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-287

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:quagga:quagga_routing_software_suite:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26EE7E06-CE27-4782-9A53-35993AC53CB2",
            "versionEndIncluding": "0.99.3"
          },
          {
            "criteria": "cpe:2.3:a:quagga:quagga_routing_software_suite:0.95:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18918EDF-53FF-4841-9386-5ED3F168B3B4"
          },
          {
            "criteria": "cpe:2.3:a:quagga:quagga_routing_software_suite:0.96.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "435E018F-DDB1-4909-B808-A45315AFECE8"
          },
          {
            "criteria": "cpe:2.3:a:quagga:quagga_routing_software_suite:0.96.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA29EC39-0599-442C-A9E4-1956C6C7AC4A"
          },
          {
            "criteria": "cpe:2.3:a:quagga:quagga_routing_software_suite:0.98.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08BBAC60-F40D-4ED1-9CAD-13C0184F05A3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References