Multiple Ethernet Driver Frame Padding Information Disclosure (Etherleak)

This script is Copyright (C) 2003-2015 Tenable Network Security, Inc.

Synopsis :

The remote host appears to leak memory in network packets.

Description :

The remote host uses a network device driver that pads ethernet frames
with data which vary from one packet to another, likely taken from
kernel memory, system memory allocated to the device driver, or a
hardware buffer on its network interface card.

Known as 'Etherleak', this information disclosure vulnerability may
allow an attacker to collect sensitive information from the affected
host provided he is on the same physical subnet as that host.

See also :

Solution :

Contact the network device driver's vendor for a fix.

Risk factor :

Low / CVSS Base Score : 3.3
CVSS Temporal Score : 2.9
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 11197 (etherleak.nasl)

Bugtraq ID: 6535

CVE ID: CVE-2003-0001

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now