CVE-2002-1976

Linux kernel <2.2 - Info Disclosure

Title source: llm

Description

ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap.

References (5)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2002-07/0279.html

[Third Party Advisory] http://www.iss.net/security_center/static/9676.php

[Patch] http://www.securityfocus.com/bid/5304

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/284142

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/284257

Scores

EPSS 0.0013

EPSS Percentile 33.0%

Classification

Status draft

Affected Products (49)

linux/linux_kernel

... and 34 more

Timeline

Published Dec 31, 2002

Tracked Since Feb 18, 2026