CVE-2001-0352
CVSS5.0
发布时间 :2001-07-21 00:00:00
修订时间 :2008-09-10 15:07:48
NMCOS    

[原文]SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only, via (1) dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or (2) ap128bWepKeyValue in the ap128bWEPKeyTable in the Symbol MIB.


[CNNVD]Symbol Technologies Firmware Insecure SNMP漏洞(CNNVD-200107-132)

        3Com AirConnect AP-4111和Symbol 41X1 Access Point版本SNMP代理存在漏洞。当数值只写时,远程攻击者借助(1) IEEE 802.11b MIB中dot11WEPDefaultKeysTable的dot11WEPDefaultKeyValue,或者(2)Symbol MIB中ap128bWEPKeyTable的ap128bWepKeyValue,通过从MIB读取该值获取WEP加密密钥,

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:symbol:41x1_access_point
cpe:/h:3com:3crwe747a3Com AirConnect AP-4111

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0352
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0352
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200107-132
(官方数据源) CNNVD

- 其它链接及资源

- 漏洞信息

Symbol Technologies Firmware Insecure SNMP漏洞
中危 其他
2001-07-21 00:00:00 2005-10-20 00:00:00
远程  
        3Com AirConnect AP-4111和Symbol 41X1 Access Point版本SNMP代理存在漏洞。当数值只写时,远程攻击者借助(1) IEEE 802.11b MIB中dot11WEPDefaultKeysTable的dot11WEPDefaultKeyValue,或者(2)Symbol MIB中ap128bWEPKeyTable的ap128bWepKeyValue,通过从MIB读取该值获取WEP加密密钥,

- 公告与补丁

        Upgrades forthcoming. 3Com product upgrades will be made available via the primary 3Com Site (
        http://www.3com.com).

- 漏洞信息

6059
3Com AirConnect and Symbol MIB WEP Key Disclosure
Remote / Network Access Cryptographic, Information Disclosure
Loss of Confidentiality
Exploit Public

- 漏洞描述

SNMP agents in 3Com AirConnect and Symbol Access Point may allow a remote attacker to obtain the WEP encryption key. The issue is triggered when the SNMP agents reveals the WEP encryption key in response to SNMP queries for the dot11WEPDefaultKeysTable in the IEEE 802.11 MIB or the the ap128bWEPKeyTable in the 3ComAP MIB. It is possible that the flaw may allow a remote attacker to undermine authentication and privacy protection mechanisms for wireless clients, resulting in further access to the wireless network.

- 时间线

2001-06-20 Unknow
2001-06-20 Unknow

- 解决方案

Consult your vendor for appropriate patches. It is also possible to correct the flaw by implementing the following workaround: Disable all SNMP agents.

- 相关参考

- 漏洞作者

- 漏洞信息

Symbol Technologies Firmware Insecure SNMP Vulnerability
Origin Validation Error 2899
Yes No
2001-06-20 12:00:00 2009-07-11 06:56:00
This vulnerability was announced to Bugtraq in an ISS X-Force Security Advisory on June 20, 2001.

- 受影响的程序版本

Symbol Access Point Series 41X1
+ 3Com AirConnect AP-4111
+ Lucent ORiNOCO WaveLAN AP-1000

- 漏洞讨论

Symbol Technologies is the manufacturer of various wireless electronic components and devices. Symbol Technologies provides components to various manufacturers for use in Wireless Access Points on 802.11b networks.

A problem in Symbol firmware makes it possible to retrieve the WEP Key from the wired network interface. This can be accomplished by sending a query to the interface via SNMP. The need for a community string with the query is currently unknown.

Therefore, it's possible for a remote user to gain access to the WEP key, which could lead to sniffing of the wireless network, and potentially gaining unrestricted access.

- 漏洞利用

See discussion.

- 解决方案

Upgrades forthcoming. 3Com product upgrades will be made available via the primary 3Com Site (http://www.3com.com).

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站