Home > Vulnerability Database > CVE-2006-2223

Mend.io Vulnerability Database

CVE-2006-2223

Date: May 5, 2006

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.

Severity Score

5.3

Related Resources (26)

Url: http://www.securityfocus.com/archive/1/432823/100/0/threaded

Url: http://www.debian.org/security/2006/dsa-1059

Url: http://www.redhat.com/support/errata/RHSA-2006-0525.html

Url: http://secunia.com/advisories/19910

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-2223

Url: http://secunia.com/advisories/20420

Url: http://secunia.com/advisories/20421

Url: http://www.securityfocus.com/bid/17808

Url: http://secunia.com/advisories/21159

Url: http://www.osvdb.org/25224

Url: http://www.novell.com/linux/security/advisories/2006_17_sr.html

Url: http://www.redhat.com/support/errata/RHSA-2006-0533.html

Url: ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc

Url: http://secunia.com/advisories/20782

Url: http://secunia.com/advisories/20221

Url: https://usn.ubuntu.com/284-1/

Url: http://bugzilla.quagga.net/show_bug.cgi?id=261

Url: http://securitytracker.com/id?1016204

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/26243

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9985

Url: http://secunia.com/advisories/20137

Url: http://secunia.com/advisories/20138

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2223

Url: http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml

Url: http://www.securityfocus.com/archive/1/432822/100/0/threaded

Url: https://www.mend.io/vulnerability-database/CVE-2006-2223

Severity Score

5.3

Weakness Type (CWE)

Input Validation

CWE-20

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-2223

Date: May 5, 2006

Severity Score

Related Resources (26)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?