RIPd in Quagga does not honor version control for REQUEST packets.
Quagga will respond to these packages for RIP versions which have been
disabled, or require authentication. This could cause Quagga to leak
information about the network to a remote attacker.
This issue also affects zebra
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.