CVE-2006-2223
Quagga 0.98-0.99 - Unauthenticated Routing State Exposure via RIPv1 REQUEST Packets
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-2223. PoCs published by Konstantin V. Gavrilenko.
AI-analyzed exploit summary This exploit leverages Quagga's failure to enforce authentication and protocol configuration, allowing remote attackers to inject arbitrary routes into the RIP routing table via a crafted UDP packet sent to port 520.
Description
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.
Exploits (1)
This exploit leverages Quagga's failure to enforce authentication and protocol configuration, allowing remote attackers to inject arbitrary routes into the RIP routing table via a crafted UDP packet sent to port 520.