CVE-2002-2137

Summary

CVE	CVE-2002-2137
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2002-12-31 05:00:00 UTC
Updated	2008-09-05 20:32:00 UTC
Description	GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Alloy	Gl-2422ap-s	All	All	All	All
Hardware	Alloy	Gl-2422ap-s	All	All	All	All
Hardware	D-link	Dwl-900ap	b1_2.1	All	All	All
Hardware	D-link	Dwl-900ap	b1_2.2	All	All	All
Hardware	D-link	Dwl-900ap	b1_2.1	All	All	All
Hardware	D-link	Dwl-900ap	b1_2.2	All	All	All
Hardware	D-link	Dwl-900ap	b1_2.1	All	All	All
Hardware	D-link	Dwl-900ap	b1_2.2	All	All	All
Hardware	Eusso	Gl2422 Ap	All	All	All	All
Hardware	Eusso	Gl2422 Ap	All	All	All	All
Hardware	Linksys	Wap11	2.2	All	All	All
Hardware	Linksys	Wap11	2.2	All	All	All
Hardware	Wisecom	Gl2422ap-0t	All	All	All	All
Hardware	Wisecom	Gl2422ap-0t	All	All	All	All

References

Reference	Source	Link	Tags
SecurityFocus HOME Mailing List: BugTraq	BUGTRAQ	online.securityfocus.com	Exploit, Vendor Advisory
ISS X-Force Database: ieee80211b-ap-information-disclosure (10536): Global Sun Technology IEEE802.11b+ access points could disclose sensitive information	XF	www.iss.net
GlobalSunTech Access Point Information Disclosure Vulnerability	BID	www.securityfocus.com	Exploit
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.