A packet sniffer is a software application that uses a network adapter card in promiscuous mode. In promiscuous mode, the network adapter card is able to receive all packets on the physical network wire and pass those packets up to an application. Packet sniffers are typically used for network troubleshooting and traffic analysis, but they can also be used to capture sensitive information such as usernames and passwords. Telnet, FTP, SNMP, and SMTP all send their traffic between the client and the server in clear text. This can result in an attacker gaining access to sensitive information by capturing information through a packet sniffer.
If attackers capture usernames and passwords on one system, they can try those same username and password combinations on other systems and potentially gain access. In a worst-case scenario, attackers can gain access to a user account that has administrative privileges. They can then use that account to create a new account with administrative privileges and use it at any time as a back door into a network.