Summary
The remote host is subject to the
switch to hub flood attack.
Description :
The remote host on the local network seems to be connected through a switch which can be turned into a hub when flooded by different mac addresses.
The theory is to send a lot of packets (> 1000000) to the port of the switch we are connected to, with random mac addresses. This turns the switch into learning mode, where traffic goes everywhere.
An attacker may use this flaw in the remote switch to sniff data going to this host
Reference :
http://www.securitybugware.org/Other/2041.html
Solution
Lock Mac addresses on each port of the remote switch or buy newer switch.
Severity
Classification
-
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Mac OS X)
- Apple QuickTime Multiple Denial Of Service Vulnerabilities (Win)
- Active Perl Modules Multiple Vulnerabilities (Windows)
- Apple iTunes Malformed .mov File Buffer Overflow Vulnerability
- Adobe Flash Player/Air Multiple Vulnerabilities - August10 (Win)