The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could allow attackers to avoid detection.
References
Link | Resource |
---|---|
http://online.securityfocus.com/archive/1/272582 | |
http://www.iss.net/security_center/static/9100.php | Patch Vendor Advisory |
http://www.securityfocus.com/bid/4746 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-08-31T04:00:00
Updated: 2002-09-10T09:00:00
Reserved: 2002-08-16T00:00:00
Link: CVE-2002-0896
JSON object: View
NVD Information
Status : Analyzed
Published: 2002-10-04T04:00:00.000
Modified: 2008-09-05T20:29:14.567
Link: CVE-2002-0896
JSON object: View
Redhat Information
No data.
CWE