Undetected Network Sniffing Vulnerability in ifconfig

Undetected Network Sniffing Vulnerability in ifconfig

CVE-2002-1976 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.