On 5 May 2011 16:42, Todd Burrell <[email protected]> wrote: > Description : > > The remote RIP listener accepts routes that are not sent by a > neighbor. > > This cannot happen in the RIP protocol as defined by RFC2453, and > although the RFC is silent on this point, such routes should probably > be ignored. > > A remote attacker might use this flaw to access the local network if > it is not protected by a properly configured firewall, or to hijack > connections. > > Solution : > > Either disable the RIP listener if it is not used, use RIP-2 in > conjunction with authentication, or use another routing protocol. > > Risk Factor : > > High / CVSS Base Score : 7.5
Did they confirm that the HMC "accepts" any received (bogus) routes? How did they determine that there is a RIP listener present? (RIP is UDP, so it isn't a matter of setting up a TCP session to a port and calling that a "listener".) Did they actually send it a route, and then query it and see that their route was shown in the routing table response? In that case, there may well be a real security issue. Otherwise, there is nothing wrong if it is just ignoring inbound routes. Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
