SUSE CVE-2006-2223

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that 1 disable RIPv1 or 2 require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information routing state via REQUEST packets such as SEND UPDATE...

Quagga < 0.98.6 / 0.99.4 Multiple Vulnerabilities

According to its self-reported version number, the installation of Quagga listening on the remote host is affected by multiple vulnerabilities : - An information disclosure vulnerability in RIPD can be triggered by a REQUEST packet, such as SEND UPDATE, on hosts that disable RIPv1 or require...

CVE-2006-2224

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets...

CVE-2006-2223

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that 1 disable RIPv1 or 2 require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information routing state via REQUEST packets such as SEND UPDATE...

CVE-2006-2224

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets...

CVE-2006-2223

Removed by vendor...

CVE-2006-2224

CVE-2006-2224 affects Quagga RIPd where RIPv2 authentication is not properly enforced, allowing remote attackers to inject/modify routes via RIPv1 RESPONSE packets. Affected are Quagga 0.98 and 0.99 before 20060503. Public advisories (Debian, Fedora/OpenVAS, Gentoo) indicate upgrading to fixed re...

CVE-2006-2224

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets...

CVE-2006-2224

Removed by vendor...