RIP-2 Poisoning Routing Table Modification

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

It might be possible to hijack connections on this network.

Description :

This host is running a RIP-2 agent.

RIP-2 requests can be authenticated but Nessus cannot check this in
the current configuration.

If authentication is not implemented, an attacker on the same network
may feed the target machine bogus routes and hijack network
connections.

Note that this may be a false positive.

Solution :

Either disable the RIP agent if it is not used or implement RIP-2
authentication.

Risk factor :

Medium / CVSS Base Score : 5.4
(CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P)

Family: Misc.

Nessus Plugin ID: 39589 ()

Bugtraq ID:

CVE ID: