10 matches found
Quagga < 0.98.6 / 0.99.4 Multiple Vulnerabilities
According to its self-reported version number, the installation of Quagga listening on the remote host is affected by multiple vulnerabilities : - An information disclosure vulnerability in RIPD can be triggered by a REQUEST packet, such as SEND UPDATE, on hosts that disable RIPv1 or require...
Gentoo Security Advisory GLSA 200605-15 (quagga)
The remote host is missing updates announced in advisory GLSA 200605-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
openSUSE 10 Security Update : quagga (quagga-1422)
It was possible to bypass RIPv2 authentication requirements by using RIPv1. Since RIPv1 doesn't support authentication at all this update introduces an option to switch off RIPv1 CVE-2006-2223, CVE-2006-2224. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
Debian DSA-1059-1 : quagga - several vulnerabilities
Konstantin Gavrilenko discovered several vulnerabilities in quagga, the BGP/OSPF/RIP routing daemon. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-2223 Remote attackers may obtain sensitive information via RIPv1 REQUEST packets even if the quagga...
RHEL 2.1 : zebra (RHSA-2006:0533)
Updated zebra packages that fix several security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU Zebra is a free software that manages TCP/IP based routing protocol. An information disclosure flaw was foun...
zebra security update
CentOS Errata and Security Advisory CESA-2006:0533-01 Updated zebra packages that fix several security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU Zebra is a free software that manages TCP/IP based...
quagga security update
CentOS Errata and Security Advisory CESA-2006:0525 Updated quagga packages that fix several security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Quagga manages the TCP/IP based routing protocol. It takes a...
[SECURITY] [DSA 1059-1] New quagga packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1059-1 [email protected] http://www.debian.org/security/ Martin Schulze May 19th, 2006 http://www.debian.org/security/faq -...
CVE-2006-2224
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets...
CVE-2006-2224
CVE-2006-2224 affects Quagga RIPd where RIPv2 authentication is not properly enforced, allowing remote attackers to inject/modify routes via RIPv1 RESPONSE packets. Affected are Quagga 0.98 and 0.99 before 20060503. Public advisories (Debian, Fedora/OpenVAS, Gentoo) indicate upgrading to fixed re...