Cisco Catalyst Unicast Traffic Broadcast Vulnerability

Catalyst is a commercial-grade switch distributed by Cisco.

Under normal circumstances, a switch will learn the MAC address of a system connected to a port after one packet. It has been reported that the switch may not learn the MAC of a connected system until several more packets have been sent to the unknown host. By doing so, unicast traffic between two systems across the switch may be broadcast to all systems connected to the switch.


 

Privacy Statement
Copyright 2010, SecurityFocus