WeFi WEP Key Data Local Information Disclosure Vulnerability
BID:30158
Info
WeFi WEP Key Data Local Information Disclosure Vulnerability
| Bugtraq ID: | 30158 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jul 09 2008 12:00AM |
| Updated: | Jul 10 2008 09:19PM |
| Credit: | Xia Shing Zee |
| Vulnerable: |
WeFi WeFi 3.3.3 .0 |
| Not Vulnerable: | |
Discussion
WeFi WEP Key Data Local Information Disclosure Vulnerability
WeFi is prone to a local information-disclosure vulnerability because it fails to securely store sensitive data.
Attackers can exploit this issue to access keys for WEP, WPA, and WPA2 access points.
WeFi 3.3.3.0 is vulnerable; other versions may also be affected.
WeFi is prone to a local information-disclosure vulnerability because it fails to securely store sensitive data.
Attackers can exploit this issue to access keys for WEP, WPA, and WPA2 access points.
WeFi 3.3.3.0 is vulnerable; other versions may also be affected.
Exploit / POC
WeFi WEP Key Data Local Information Disclosure Vulnerability
Attackers can exploit this issue by viewing affected memory with readily available utilities.
Attackers can exploit this issue by viewing affected memory with readily available utilities.
Solution / Fix
WeFi WEP Key Data Local Information Disclosure Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
WeFi WEP Key Data Local Information Disclosure Vulnerability
References:
References: