J-Security Center

Title: Symbol Technologies Firmware Insecure SNMP Vulnerability

Severity: CRITICAL

Description:

Symbol Technologies is the manufacturer of various wireless electronic components and devices. Symbol Technologies provides components to various manufacturers for use in Wireless Access Points on 802.11b networks.

A problem with some Symbol Technologies components makes it possible for remote users to gain access to privileged information. An attacker who gains access to this information may be able to retrieve the Wired Equivalent Privacy (WEP) key.

Under normal operation, a wireless access point serves as the gateway to all wireless networked machines, passing traffic between the wireless and land-line networks. To secure network traffic, WEP is used between the wireless access system's wireless interface and the wireless clients to encrypt traffic traversing the airwaves.

The problem involves the firmware used with some Symbol Technologies components. Symbol components used in some wireless access points allow any user who can reach the access point's wired network interface from the wired side of the network to retrieve the WEP encryption key via SNMP, by querying the device for the dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable and the ap128bWepKeyValue in the ap128bWEPKeyTable.

It is possible to use a default community string of "public" to access this data.
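
Reads of these objects can be watched for on the wired side of the network. The following Python is an added example, not part of the original advisory: it flags SNMP requests that name the WEP key objects listed above. The log line format, the addresses, the management host list and the `ops-ro` community are constructed assumptions; only the object names and the "public" community come from the text.

```python
import re

# Object names from the advisory (columns and their tables), compared in lower case.
WEP_KEY_OBJECTS = {n.lower() for n in (
    "dot11WEPDefaultKeyValue", "dot11WEPDefaultKeysTable",
    "ap128bWepKeyValue", "ap128bWEPKeyTable")}
DEFAULT_COMMUNITY = "public"

# Assumed (constructed) log format, one decoded SNMP request per line:
#   <time> <src> -> <dst> snmp <pdu> community=<c> oid=<name[.instance]>
LINE_RE = re.compile(
    r"^(?P<time>\S+) (?P<src>\S+) -> (?P<dst>\S+) snmp (?P<pdu>\S+) "
    r"community=(?P<community>\S+) oid=(?P<oid>\S+)$")

# Constructed sample input; addresses are from the documentation range.
SAMPLE_LOG = """\
2001-01-01T10:00:01 192.0.2.10 -> 192.0.2.50 snmp get community=public oid=sysDescr.0
2001-01-01T10:00:07 192.0.2.77 -> 192.0.2.50 snmp getnext community=public oid=dot11WEPDefaultKeysTable
2001-01-01T10:00:08 192.0.2.77 -> 192.0.2.50 snmp get community=public oid=ap128bWepKeyValue.1
2001-01-01T10:02:30 192.0.2.10 -> 192.0.2.50 snmp get community=ops-ro oid=dot11WEPDefaultKeyValue.1.1
link up on eth0
"""

def find_wep_key_reads(log_text, mgmt_hosts=()):
    """Return one finding per SNMP request that names a WEP key object."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a request line in the assumed format
        # Drop the instance suffix (".1.1") so only the object name is compared.
        name = m["oid"].split(".", 1)[0].lower()
        if name not in WEP_KEY_OBJECTS:
            continue
        reasons = []
        if m["community"] == DEFAULT_COMMUNITY:
            reasons.append("default community string")
        if m["src"] not in mgmt_hosts:
            reasons.append("source is not a known management host")
        findings.append({"line": lineno, "src": m["src"], "ap": m["dst"],
                         "object": name, "reasons": reasons})
    return findings

if __name__ == "__main__":
    for f in find_wep_key_reads(SAMPLE_LOG, mgmt_hosts={"192.0.2.10"}):
        print(f["line"], f["src"], "->", f["ap"], f["object"],
              "; ".join(f["reasons"]) or "review: key read by management host")
```

A request with no reasons attached is still listed, since it is a read of the key over SNMP and worth reviewing.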

Affected Products:

  • 3Com AirConnect AP-4111
  • Lucent ORiNOCO WaveLAN AP-1000
  • Symbol Access Point Series 41X1
