CVE-2003-0934
CVSS4.6
发布时间 :2003-12-01 00:00:00
修订时间 :2016-10-17 22:38:22
NMCOPS    

[原文]Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not changed, which could allow attackers to retrieve the keys and gain access to the wireless network.


[CNNVD]Symbol Technologies PDT 8100默认WEP密钥配置漏洞(CNNVD-200312-013)

        
        PDT 8100是一款便携式数据终端,将笔触式和键盘式移动数据收集结合的解决方案。
        PDT 8100默认配置存在不安全问题,远程攻击者可以利用这个漏洞未授权访问网络资源。
        在安装过程中,如果默认密钥没有更改,通过点击PDT 8100右边低端的无线图标,并选择'encryption tab',PDT 8100会显示明文密钥给任意用户,窃取或拷贝PDT 8100的WiFI密钥,可以允许攻击者未授权访问限制网络资源。
        

- CVSS (基础分值)

CVSS分值: 4.6 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0934
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0934
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200312-013
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=106850011513880&w=2
(UNKNOWN)  BUGTRAQ  20031110 Symbol Technologies Default WEP KEYS Vulnerability
http://www.secnap.net/security/031106.html
(VENDOR_ADVISORY)  MISC  http://www.secnap.net/security/031106.html

- 漏洞信息

Symbol Technologies PDT 8100默认WEP密钥配置漏洞
中危 配置错误
2003-12-01 00:00:00 2005-10-20 00:00:00
本地  
        
        PDT 8100是一款便携式数据终端,将笔触式和键盘式移动数据收集结合的解决方案。
        PDT 8100默认配置存在不安全问题,远程攻击者可以利用这个漏洞未授权访问网络资源。
        在安装过程中,如果默认密钥没有更改,通过点击PDT 8100右边低端的无线图标,并选择'encryption tab',PDT 8100会显示明文密钥给任意用户,窃取或拷贝PDT 8100的WiFI密钥,可以允许攻击者未授权访问限制网络资源。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 安装者必须更改Shared Secret和WiFI密钥。
        厂商补丁:
        Symbol Technologies
        -------------------
        目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        
        http://www.symbol.com/products/mobile_computers/mobile_pdt8100.html

- 漏洞信息 (F32194)

symbol.txt (PacketStormID:F32194)
2003-11-14 00:00:00
Michael Scheidell  
advisory
CVE-2003-0934
[点击下载]

The Symbol PDT 8100 does not attempt to change its default existing WEP keys during installation. If not changed, the PDT 8100 will reveal the WEP keys to any user in plain text by taping on the wireless icon on lower right hand of 8100 and scrolling to the 'encryption tab'. A stolen PDT 8100 or copied keys can allow an insider the ability to totally compromise the Wi-Fi network.

Symbol Technologies Default WEP KEYS Vulnerability
Systems: Symbol Technologies PDT 8100
Severity: Medium=20
Category: Default password storage and access
Classification: Installation problem
BugTraq-ID: TBA
CVE-ID: CAN-2003-0934
SymbolTech-ID: 620646
Local Exploit: yes=20
Vendor URL: http://www.symbol.com
Author: Michael S. Scheidell, SECNAP Network Security=20
Notifications:
AutomedRX Nov 6, 2003
Symbol Technologies,  Nov 7, 2003
Cert, Nov 7, 2003
Released: November 10, 2003


Discussion:=20
http://www.symbol.com/products/mobile_computers/mobile_pdt8100.html

Tap, Type, or Scan-Maximum Versatility in a Portable Data Terminal=20
The PDT 8100 Series from Symbol Technologies bridges the gap between =
pure pen-based and key-based mobile data collection solutions. The first =
Pocket PC device available with multiple keyboard options, the PDT 8100 =
is a versatile, large-screen handheld that delivers the functionality of =
Pocket PC with the convenience of tactile, key-based data entry.

Problem:=20
During installation, if the default WiFI keys and shared secret are not =
changed:
A) they can be retrieved by end user
B) used by hackers to gain unauthorized access to wireless network

Symbol Access PDT 8100 hides existing WEP keys so that users cannot view =
them IF AND ONLY IF YOU CHANGE THE DEFAULTS.  This is not a design flaw =
but rather a feature in the PDT 8100 that is used ONLY during initial =
setup to facilitate connection to client's Wireless gateways.  Where the =
vulnerability exists is if during installation, these keys are not =
changed.  If not changed, the PDT 8100 will reveal them to any user in =
plain text by taping on the wireless icon on lower right hand of 8100 =
and scrolling to the 'encryption tab'.  A stolen PDT 8100 or copied keys =
can allow an insider the ability to totally compromise the WiFi network. =
 Unchanged factory default keys are published and should not be used =
past initial testing or on a live network.  Tested on model =
8146-T2B940US

The Common Vulnerabilities and Exposures (CVE) project has assigned the =
name CAN-2003-0934 to this issue. This is a candidate for inclusion in =
the CVE list (http://cve.mitre.org), which standardizes names for =
security problems.

Vendor Response:=20
November 10, 2003:
Vendor was extremely helpful and confirmed what the default keys were, =
and that changing the default keys would hide them from user. Symbol =
Technologies continues to work with Wifi standards and security groups =
to improve both the user experience and the security of their products =
and has upgraded and updated both their software and firmware to keep up =
with the latest security requirements.  Symbol Technologies recommends =
(in their installation manuals and guides) that all default passwords =
and keys be changed during installation.

Exploit:=20
A user just needs to clone the Wifi keys, shared secret, MAX address and =
SSID to be able to have unauthorized access to the client's network.

Solution:=20
The installer or client needs to change both the shared secret and the =
Wifi Keys.
Also see Seven Security Problems of 802.11 Wireless at:
http://www.oreillynet.com/pub/a/wireless/2002/05/24/wlan.html

Credit:=20
Problem found by Michael Scheidell, SECNAP Network Security =
vulnerability research team, with assistance by John Hughes, Symbol =
Technologies http://www.symbol.com and Syed Jafri, AutoMedRX, Inc. =
http://www.automedrx.com

Original copy of this report can be found here=20
http://www.secnap.net/security/031106.html
Copyright: Above Copyright(c) 2003, SECNAP Network Security, LLC. World =
rights reserved.=20
This security report can be copied and redistributed electronically =
provided it is not edited and is quoted in its entirety without written =
consent of SECNAP Network Security, LLC. Additional information or =
permission may be obtained by contacting SECNAP Network Security at =
561-368-9561=20
    

- 漏洞信息

11649
Symbol Access Portable Data Terminal WEP Key Exposure

- 漏洞描述

Unknown or Incomplete

- 时间线

2003-11-10 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Symbol Technologies PDT 8100 Default WEP Keys Configuration Vulnerability
Configuration Error 9006
No Yes
2003-11-10 12:00:00 2009-07-12 12:56:00
Discovery credited to Michael Scheidell.

- 受影响的程序版本

Symbol Technologies PDT 8100

- 漏洞讨论

A problem has been identified in the default configuration of the Symbol Technologies PDT 8100. Because of this, a local user may be able to gain unauthorized access to network resources.

- 漏洞利用

No exploit is required for this vulnerability.

- 解决方案

This issue has reportedly been confirmed by the vendor.
----
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站