Summary
The remote host is subject to the
switch to hub flood attack.
Description :
The remote host on the local network seems to be connected through a switch which can be turned into a hub when flooded by different mac addresses.
The theory is to send a lot of packets (> 1000000) to the port of the switch we are connected to, with random mac addresses. This turns the switch into learning mode, where traffic goes everywhere.
An attacker may use this flaw in the remote switch to sniff data going to this host
Reference :
http://www.securitybugware.org/Other/2041.html
Solution
Lock Mac addresses on each port of the remote switch or buy newer switch.
Severity
Classification
-
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Avast! Zoo Denial of Service Vulnerability
- 7T Interactive Graphical SCADA System 'dc.exe' Command Injection Vulnerability
- Apple iTunes Malformed .mov File Buffer Overflow Vulnerability
- ClamAV get_unicode_name() Off-By-One Heap based BOF Vulnerability
- Apple QuickTime Malformed .mov File Buffer Overflow Vulnerability