2003-07-25 08:00:00
mitre
PUBLISHED
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.