Family: Fedora Local Security Checks --> Category: infos
Fedora Core 5 2006-845: quagga Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the quagga package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory FEDORA-2006-845 (quagga).
Quagga is a free software that manages TCP/IP based routing
protocol. It takes multi-server and multi-thread approach to resolve
the current complexity of the Internet.
Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng.
Quagga is intended to be used as a Route Server and a Route Reflector. It is
not a toolkit, it provides full routing power under a new architecture.
Quagga by design has a process for each protocol.
Quagga is a fork of GNU Zebra.
Update information :
* Mon May 8 2006 Jay Fenlason 0:0.98.6-1.FC5
- Upgrade to new upstream version, closing security problems:
bz#191081 CVE-2006-2223 Quagga RIPd information disclosure
bz#191085 CVE-2006-2224 Quagga RIPd route injection
Solution : Get the newest Fedora Updates
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.