CVE-2006-2224
Quagga Routing Software Suite < 0.99.3 - Authentication Bypass
Title source: ruleDescription
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Konstantin V. Gavrilenko · textremotelinux
https://www.exploit-db.com/exploits/27802
References (23)
Core 23
Core References
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/284-1/
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2006_17_sr.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26251
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20782
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10775
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20138
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/432823/100/0/threaded
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20421
Vendor Advisory vendor-advisory
x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2006-0525.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/25225
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20137
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1016204
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19910
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/17808
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2006-0533.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21159
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/432856/100/0/threaded
Patch x_refsource_confirm
http://bugzilla.quagga.net/show_bug.cgi?id=262
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2006/dsa-1059
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20221
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20420
Scores
EPSS
0.2018
EPSS Percentile
95.5%
Details
CWE
CWE-287
Status
published
Products (5)
quagga/quagga_routing_software_suite
0.95
quagga/quagga_routing_software_suite
0.96.2
quagga/quagga_routing_software_suite
0.96.3
quagga/quagga_routing_software_suite
0.98.5
quagga/quagga_routing_software_suite
< 0.99.3
Published
May 05, 2006
Tracked Since
Feb 18, 2026