ID CVE-2001-0618
Summary Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy (WEP) encryption key. Since the SSID occurs in the clear during communications, a remote attacker could determine the WEP key and decrypt RG-1000 traffic.
References
Vulnerable Configurations
  • Lucent ORiNOCO RG-1000
    cpe:2.3:h:lucent:orinoco_rg-1000
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
refmap via4
bugtraq 20010402 RG-1000 802.11 Residential Gateway default WEP key disclosure flaw
xf orinoco-rg1000-wep-key(6328)
Last major update 05-09-2008 - 16:24
Published 02-08-2001 - 00:00
Last modified 18-12-2017 - 21:29
Back to Top