CVE Catalog

CVE-2002-1976

Low
Published: Translated: NVD NIST

Summary

The ifconfig command in Linux kernel 2.2 and later does not report when the network interface is in promiscuous mode if it was enabled using PACKET_MR_PROMISC. This could allow attackers to sniff network traffic undetected.

Risk Assessment

Organizations may be exposed to unauthorized access to data transmitted over the network, potentially leading to data leaks and privacy violations.

Recommendation

It is recommended to monitor and audit network interface configurations and implement additional security measures to detect unauthorized changes in interface modes.

Original NVD description (English source)

ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS