Home > Vulnerability Database > CVE-2006-2223

Mend.io Vulnerability Database

CVE-2006-2223

Date: May 5, 2006

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.

Severity Score

7.8

Related Resources (26)

Url: http://www.securityfocus.com/archive/1/432823/100/0/threaded

Url: http://www.debian.org/security/2006/dsa-1059

Url: http://www.redhat.com/support/errata/RHSA-2006-0525.html

Url: http://secunia.com/advisories/19910

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-2223

Url: http://secunia.com/advisories/20420

Url: http://secunia.com/advisories/20421

Url: http://www.securityfocus.com/bid/17808

Url: http://secunia.com/advisories/21159

Url: http://www.osvdb.org/25224

Url: http://www.novell.com/linux/security/advisories/2006_17_sr.html

Url: http://www.redhat.com/support/errata/RHSA-2006-0533.html

Url: ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc

Url: http://secunia.com/advisories/20782

Url: http://secunia.com/advisories/20221

Url: https://usn.ubuntu.com/284-1/

Url: http://bugzilla.quagga.net/show_bug.cgi?id=261

Url: http://securitytracker.com/id?1016204

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/26243

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9985

Url: http://secunia.com/advisories/20137

Url: http://secunia.com/advisories/20138

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2223

Url: http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml

Url: http://www.securityfocus.com/archive/1/432822/100/0/threaded

Url: https://www.mend.io/vulnerability-database/CVE-2006-2223

Severity Score

7.8

Weakness Type (CWE)

Input Validation

CWE-20

CVSS v3

Base Score:	7.8
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	COMPLETE

CVSS v2

Base Score:	5.6
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-2223

Date: May 5, 2006

Severity Score

Related Resources (26)

Severity Score

Weakness Type (CWE)

CVSS v3

CVSS v2

Do you need more information?