RIP-1 Poisoning Routing Table Modification

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

It may be possible to hijack connections on this network.

Description :

This host is running a RIP-1 agent.

RIP-1 does not implement authentication. An attacker on the same
network may feed the target machine bogus routes and hijack network
connections.

Note that Nessus cannot test this flaw as it is not running on the
same network.

Solution :

Either disable the RIP agent if it is not used or use RIP-2 and
implement authentication.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P)

Family: Misc.

Nessus Plugin ID: 39588 ()

Bugtraq ID:

CVE ID: