all InfoSec news
VU#855201: L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers
CERT Recently Published Vulnerability Notes kb.cert.org
Overview
Layer-2 (L2) network security controls provided by various devices, such as switches, routers, and operating systems, can be bypassed by stacking Ethernet protocol headers. An attacker can send crafted packets through vulnerable devices to cause Denial-of-service (DoS) or to perform a man-in-the-middle (MitM) attack against a target network.
Description
This vulnerability exists within Ethernet encapsulation protocols that allow for stacking of Virtual Local Area Network (VLAN) headers. Network standards such as IEEE 802.1Q-1998 and IEEE 802.3 define a system …
controls headers network network security security security controls vlan