Quagga RIPd route injection RIPd in Quagga accepts RIPv1 RESPONSE when RIPv2 authentication is enabled. This condition is possible unless RIPv2 only is specified in the RIPd configuration. This flaw could allow a remote attacker to inject a route via RIPv1 RESPONSE packets. http://bugzilla.quagga.net/show_bug.cgi?id=262 This issue also affects FC4
quagga-0.98.6-1.FC5 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.