[21186] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in

daemon@ATHENA.MIT.EDU (Matthew R. Potter)
Mon Jun 25 13:40:42 2001

Message-Id: <3.0.6.32.20010622165644.007e6780@192.168.10.140>
Date: Fri, 22 Jun 2001 16:56:44 -0400
To: bugtraq@securityfocus.com
From: "Matthew R. Potter" <mpotter@atpco.com>
In-Reply-To: <3B312495.49CA0B6C@atpco.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"

From the AP-1000 manual:
Orinoco AP1000
read passswd: 'public'
read/write password: 'public'

Network Name: WaveLAN Network
Encryption: Disabled 

something's I noticed from breifly looking at the AP.

SNMP is enabled by default, the client and the AP speak via plain text... I
am pretty damn sure you can get the WEP key from this... Fireup tcpdump,
and watch the interaction between the windoez client and the AP.

M.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[21186] in bugtraq

Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in

daemon@ATHENA.MIT.EDU (Matthew R. Potter)Mon Jun 25 13:40:42 2001

daemon@ATHENA.MIT.EDU (Matthew R. Potter)
Mon Jun 25 13:40:42 2001