-
Bug
-
Resolution: Unresolved
-
None
-
unspecified
-
None
-
Operating System: All
Platform: All
-
2724
-
Low
It has been reported that it is possible for an attacker to spoof network topology via hosttracker. Details are in this paper:
http://www.internetsociety.org/sites/default/files/10_4_2.pdf
This issue is related to well-known MAC spoofing attacks. It is proposed that this problem should be solved in the long run by implementing new features in the l2switch project that would allow an administrator to configure a policy regarding multiple MAC addresses inside a network. The policy options would be accept or deny. Note that the deny policy would possibly cause problems on wireless environments where a host is always moving from one side to another.
MITRE has been contacted requesting a CVE name for this issue.