====== Packing Sniffing Vulnerability ======

Underlying network traffic can be read by an attacker and a web page or application session can be reconstructed in an attempt to collect passwords or other data.

===== Exploits =====

  * [[http://www.ethereal.com/]]

===== Remedy =====

For sensitive data, use encryption.  The most common method for accomplishing this is the use of SSL/TLS.  SSL/TLS is used to encrypt a higher-level protocol such as HTTP.

===== Additional Information =====

  * See [[security:web_application_security|web application security]] and [[catalog|security vulnerabilities catalog]].
  * [[http://www.openssl.org/]]