RIP-2 Poisoning Routing Table Modification

Medium Nessus Plugin ID 39589


It might be possible to hijack connections on this network.


This host is running a RIP-2 agent.

RIP-2 requests can be authenticated but Nessus cannot check this in the current configuration.

If authentication is not implemented, an attacker on the same network may feed the target machine bogus routes and hijack network connections.

Note that this may be a false positive.


Either disable the RIP agent if it is not used or implement RIP-2 authentication.

Plugin Details

Severity: Medium

ID: 39589

File Name: rip2_poison_lan.nasl

Version: $Revision: 1.7 $

Type: remote

Family: Misc.

Published: 2009/07/02

Modified: 2016/12/09

Dependencies: 11829, 39587, 11822

Risk Information

Risk Factor: Medium


Base Score: 5.4

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Services/udp/rip