• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

NetBSD ARP Cross Network Vulnerability

ARP is a protocol used to dynamically obtain Network Layer to Link Layer address tranlation services. A vulnerability in NetBSD's ARP implementation allows rouge hosts attached to a network to which a NetBSD multihomed host is attached to insert ARP table entries for hosts in the other networks to which the NetBSD host is attached. The NetBSD host fails to check the address information of incoming ARP packets to ensure that is corresponds to one of the address of the interface on which the packet arrived.