D-Link DWL-2100AP Information Disclosure Vulnerability
BID:18299
CVE-2006-2901 |Info
D-Link DWL-2100AP Information Disclosure Vulnerability
| Bugtraq ID: | 18299 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 06 2006 12:00AM |
| Updated: | Jun 06 2006 08:27PM |
| Credit: | Discovery credited to Wendel Guglielmetti Henrique and Intruders Tiger Team Security. |
| Vulnerable: |
D-Link DWL-2100AP 0 |
| Not Vulnerable: | |
Discussion
D-Link DWL-2100AP Information Disclosure Vulnerability
D-Link DWL-2100AP devices are susceptible to a remote information-disclosure vulnerability. The devices fail to properly secure configuration information.
This issue allows remote, unauthenticated attackers to gain access to potentially sensitive configuration information from affected devices. This may aid them in further attacks.
D-Link DWL-2100AP devices are susceptible to a remote information-disclosure vulnerability. The devices fail to properly secure configuration information.
This issue allows remote, unauthenticated attackers to gain access to potentially sensitive configuration information from affected devices. This may aid them in further attacks.
Exploit / POC
D-Link DWL-2100AP Information Disclosure Vulnerability
Attackers may use a web browser to exploit this issue.
Attackers may use a web browser to exploit this issue.
Solution / Fix
D-Link DWL-2100AP Information Disclosure Vulnerability
Solution:
The reporter of this issue states that a vendor patch is available from the following URI:
http://www.dlinkbrasil.com.br/internet/downloads/Wireless/DWL-2100AP/DWL2100AP-firmware-v210na-r0343.tfp
Symantec has not been able to confirm the existence or validity of this fix.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution:
The reporter of this issue states that a vendor patch is available from the following URI:
http://www.dlinkbrasil.com.br/internet/downloads/Wireless/DWL-2100AP/DWL2100AP-firmware-v210na-r0343.tfp
Symantec has not been able to confirm the existence or validity of this fix.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
References
D-Link DWL-2100AP Information Disclosure Vulnerability
References:
References:
- ADVISORY/0206 - D-Link Wireless Access-Point (DWL-2100ap) (Intruders Tiger Team Security)
- D-Link DWL-2100AP Product Page (D-Link)