The remote host is subject to the switch to hub flood attack. Description : The remote host on the local network seems to be connected through a switch which can be turned into a hub when flooded by different mac addresses. The theory is to send a lot of packets (> 1000000) to the port of the switch we are connected to, with random mac addresses. This turns the switch into learning mode, where traffic goes everywhere. An attacker may use this flaw in the remote switch to sniff data going to this host Reference : http://www.securitybugware.org/Other/2041.html
Lock Mac addresses on each port of the remote switch or buy newer switch.
- AT-TFTP Server Long Filename BoF Vulnerability
- Epson EventManager 'x-protocol-version' Denial of Service Vulnerability
- ActFax Server Multiple Remote Buffer Overflow Vulnerabilities
- 7-Zip Unspecified Archive Handling Vulnerability (Win)
- Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Linux)