• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
19991008 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (19991222)
Votes (Legacy)
ACCEPT(2) Blake, Cole
MODIFY(1) Stracener
NOOP(2) Baker, Christey
REJECT(1) Frech
Comments (Legacy)
 Stracener> Add Ref: BUGTRAQ:19970919 Playing redir games with ARP and ICMP
 Frech> Cannot proceed without a reference. Too vague, and resembles XF:netbsd-arp:
   CVE-1999-0763: NetBSD on a multi-homed host allows ARP packets on one
   network to modify ARP entries on another connected network.
   CVE-1999-0764: NetBSD allows ARP packets to overwrite static ARP entries.
   Will reconsider if reference provides enough information to render a
 Christey> This particular vulnerability was exploited by an attacker
   during the ID'Net IDS test network exercise at the SANS
   Network Security '99 conference.  The attacker adapted a
   publicly available program that was able to spoof another
   machine on the same physical network.
   for the Bugtraq reference that Tom Stracener suggested.
   This generated a long thread on Bugtraq in 1997.
 Blake> I'll second Tom's request to add the reference, it's a very
   posting good and the vulnerability is clearly derivative of
   the work.
   (I do recall talking to the guy and drafting a description.)

Proposed (Legacy)
This is an entry on the CVE list, which standardizes names for security problems.