Wired-side SNMP WEP key exposure in 802.11b Access Points
ISS X-Force:
Wired-side SNMP WEP key exposure in 802.11b Access Points – (June 20, 2001)
Internet Security Systems (ISS) X-Force has discovered a vulnerability
in several 802.11b Access Point devices. This problem may reveal the
Wired Equivalent Privacy (WEP) key that is associated with the wired
network.X-Force confirmed the following products are vulnerable:
3Com AirConnect Model Number AP-4111
Symbol 41X1 Access Point Series
Multiple Vendor 802.11b Access Point SNMP authentication flaw – (June 20, 2001)
ISS X-Force has discovered a serious flaw in the authentication
mechanism of the Atmel VNET-B Simple Network Management Protocol (SNMP)
implementation. Atmel devices are provided via Original Equipment
Manufacturer (OEM) agreements to Netgear and Linksys. These devices do
not implement any SNMP security measures, which may allow an attacker
to gain access to or control a wireless LAN (WLAN).Affected Versions:
Atmel 802.11b VNET-B based Access Point
with firmware versions up to and including 1.3
Linksys WAP11
with Atmel firmware versions up to and including 1.3
Netgear ME102
with Atmel firmware versions up to and including 1.3
