RIP-2 Poisoning Routing Table Modification

medium Nessus Plugin ID 39589

Synopsis

It might be possible to hijack connections on this network.

Description

This host is running a RIP-2 agent.

RIP-2 requests can be authenticated but Nessus cannot check this in the current configuration.

If authentication is not implemented, an attacker on the same network may feed the target machine bogus routes and hijack network connections.

Note that this may be a false positive.

Solution

Either disable the RIP agent if it is not used or implement RIP-2 authentication.

Plugin Details

Severity: Medium

ID: 39589

File Name: rip2_poison_lan.nasl

Version: Revision: 1.7

Type: remote

Family: Misc.

Published: 7/2/2009

Updated: 12/9/2016

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5.4

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Services/udp/rip