Title: Lucent Orinoco Closed Network Unauthorized Access Vulnerability
Severity: HIGH
Description:
ORiNOCO is a Lucent Wireless Network solution, designed to provide access to clients via a network of wireless connections that can be either left open to allow members to freely join, or closed to provide access control.
A problem with the implementation of the ORiNOCO Closed Network could allow unauthorized users to gain access to restricted network resources.
The ORiNOCO networks use a shared secret password, known as the SSID, to control access to network resources. When the network is access controlled, this password functions as the entry key to systems.
Without the use of Wired Equivalent Privacy (WEP), the SSID is sent in plain text throughout the network. It is transmitted in management messages by access points on the network. The location of the SSID in the message varies by the vendor of the access point.
WEP does not completely protect these networks against intrusion. Problems with the protocol can still allow attackers to gain access to network assets.
Affected Products:
- Lucent ORiNOCO 0.0.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
