10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.011 Low
EPSS
Percentile
84.6%
The ethernet monitor program; for keeping track of ethernet/ip address pairings.
Arpwatch does not properly drop supplementary groups.
Attackers, if able to exploit arpwatch, could escalate privileges outside of the running process.
There is no known workaround at this time.
All arpwatch users should upgrade to the latest version:
# emerge --sync
# emerge --ask --verbose --oneshot ">=net-analyzer/arpwatch-2.1.15-r8"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | net-analyzer/arpwatch | < 2.1.15-r8 | UNKNOWN |