New Search

Insecure Design of the STP Protocol

oval:org.mitre.oval:def:380

The STP protocol as enabled in Linux 2.4.x does not provide sufficient security by design which allows attackers to modify the bridge topology.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Linux 9
Class:
vulnerability
Reference(s):
  • CVE-2003-0550
Product(s):
  • Linux kernel