CVE-2006-2224

Name of the Vulnerable Software and Affected Versions: Quagga versions prior to 0.98.6-r1 Quagga version 0.99 before 20060503

Description: The issue concerns the RIPd component in Quagga, which fails to properly enforce RIPv2 authentication requirements. This allows remote attackers to modify routing state via RIPv1 RESPONSE packets. Multiple vulnerabilities in the Quagga package can lead to a breach of protected information, and these vulnerabilities can be exploited remotely.

Recommendations: For Quagga versions prior to 0.98.6-r1, update to version 0.98.6-r1 or later to resolve the issue. For Quagga version 0.99 before 20060503, update to a version released after 20060503 to address the problem. As a temporary workaround, consider restricting access to the RIPd component until a patch is available.