Vulnerability CVE-2005-3482


Published: 2005-11-02   Modified: 2012-02-12

Description:
Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access
CISCO
02.11.2005

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Cisco -> Aironet ap1131 
Cisco -> Aironet ap1200 
Cisco -> Aironet ap1240 

 References:
http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml
http://www.vupen.com/english/advisories/2005/2278
http://www.securityfocus.com/bid/15272
http://www.osvdb.org/20454
http://securitytracker.com/id?1015140
http://secunia.com/advisories/17406
http://securityreason.com/securityalert/139

Copyright 2021, cxsecurity.com

 

Back to Top