[L2SWITCH-36] [SECURITY] Topology spoofing via hosttracker Created: 16/Feb/15 Updated: 19/Oct/17 |
|
| Status: | Confirmed |
| Project: | l2switch |
| Component/s: | General |
| Affects Version/s: | unspecified |
| Fix Version/s: | None |
| Type: | Bug | ||
| Reporter: | David Jorm | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: | Operating System: All | ||
| External issue ID: | 2724 |
| Priority: | Low |
| Description |
|
It has been reported that it is possible for an attacker to spoof network topology via hosttracker. Details are in this paper: http://www.internetsociety.org/sites/default/files/10_4_2.pdf

This issue is related to well-known MAC spoofing attacks. It is proposed that this problem should be solved in the long run by implementing new features in the l2switch project that would allow an administrator to configure a policy regarding multiple MAC addresses inside a network. The policy options would be accept or deny. Note that the deny policy would possibly cause problems in wireless environments where a host is always moving from one side to another.

MITRE has been contacted requesting a CVE name for this issue. |
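A standalone model of the accept/deny policy proposed in the description, added here as an illustration (it is not l2switch or hosttracker code); the `HostTable` class, the `idle_timeout` aging rule and the sample sightings are assumptions. It shows that `accept` lets a conflicting claim move the host, while `deny` keeps the first binding and also rejects a legitimate roam until that binding ages out.

```python
from dataclasses import dataclass, field
ACCEPT, DENY = "accept", "deny"   # the two policy options named in the issue

@dataclass
class HostTable:
    """Model of a MAC -> attachment-point table (hypothetical, not l2switch code)."""
    policy: str = ACCEPT
    idle_timeout: float = 300.0                    # assumption: seconds before a silent binding ages out
    bindings: dict = field(default_factory=dict)   # mac -> (switch_port, last_seen)
    rejected: list = field(default_factory=list)   # conflicting claims, kept for alerting

    def observe(self, mac: str, port: str, now: float) -> bool:
        """Process one host sighting; return True if the table now reflects it."""
        mac = mac.lower()
        current = self.bindings.get(mac)
        if current is not None and now - current[1] > self.idle_timeout:
            current = None                         # old binding expired, treat the MAC as new
        if current is None or current[0] == port:
            self.bindings[mac] = (port, now)       # new host, or refresh at the same location
            return True
        if self.policy == ACCEPT:
            self.bindings[mac] = (port, now)       # last claim wins: the location silently moves
            return True
        # DENY: keep the first binding and record the conflicting claim
        self.rejected.append((mac, current[0], port, now))
        return False

    def location(self, mac: str):
        entry = self.bindings.get(mac.lower())
        return entry[0] if entry else None

def replay(policy: str, events, idle_timeout: float = 300.0):
    """Feed (time, mac, port) sightings through a fresh table."""
    table = HostTable(policy=policy, idle_timeout=idle_timeout)
    results = [table.observe(mac, port, t) for t, mac, port in events]
    return table, results

# Constructed sample sightings: the same MAC seen on two different switch ports.
MAC = "00:00:5e:00:53:01"
EVENTS = [
    (0.0,   MAC, "openflow:1:1"),   # first sighting
    (10.0,  MAC, "openflow:2:3"),   # conflicting claim: spoof or roam, indistinguishable here
    (400.0, MAC, "openflow:2:3"),   # same claim after the first binding has aged out
]

if __name__ == "__main__":
    for p in (ACCEPT, DENY):
        print(p, replay(p, EVENTS)[1])
```

The `rejected` list is the useful output under `deny`: each entry names the MAC, the port it was bound to and the port that claimed it, which is what an operator needs to tell a roaming client from a spoofed one.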
| Comments |
| Comment by David Jorm [ 19/Feb/15 ] |
|
CVE-2015-1610 has been assigned to this issue. On the TSC list it has been suggested that an SR3 release is shipped on 3/30. Would it be possible to include a fix for this issue in SR3? |