CVE-2001-0352

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions 3Com AirConnect AP-4111 Symbol 41X1 Access Point

Description The issue allows remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only. This can be done via the dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or the ap128bWepKeyValue in the ap128bWEPKeyTable in the Symbol MIB.

Recommendations For 3Com AirConnect AP-4111, restrict access to the dot11WEPDefaultKeysTable in the IEEE 802.11b MIB to minimize the risk of exploitation. For Symbol 41X1 Access Point, restrict access to the ap128bWEPKeyTable in the Symbol MIB to minimize the risk of exploitation. Avoid using the dot11WEPDefaultKeyValue and ap128bWepKeyValue variables in the affected MIBs until the issue is resolved.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0352

Affected Products

3Com Airconnect Ap-4111

Symbol 41X1 Access Point

CVE-2001-0352

Related Identifiers

Affected Products

References · 2