CVE-2002-1976

Sažetak

ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-07/0279.html
http://online.securityfocus.com/archive/1/284142
http://online.securityfocus.com/archive/1/284257
http://www.iss.net/security_center/static/9676.php
http://www.securityfocus.com/bid/5304

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

05-09-2008 - 20:32

Objavljeno

31-12-2002 - 05:00