CVE-2005-3253 - Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and othe

CVE-2005-3253

Summary

Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of "12345", which allows remote attackers to bypass authentication.

References

Vulnerable Configurations

cpe:2.3:a:avaya:wireless_ap-3:2.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-3:2.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-3:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-3:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-4:2.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-4:2.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-4:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-4:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-5:2.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-5:2.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-5:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-5:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-6:2.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-6:2.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-6:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-6:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-7:2.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-7:2.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-8:2.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:wireless_ap-8:2.5:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-2000:2.5.4:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-2000:2.5.4:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-4000:2.4.12:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-4000:2.4.12:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-4000:3.0:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-4000:3.0:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-600:2.5.4:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-600:2.5.4:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-700:2.4.12:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-700:2.4.12:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-700:3.0:*:*:*:*:*:*:*
cpe:2.3:h:proxim:ap-700:3.0:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 08-03-2011 - 02:26)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

confirm	http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf
osvdb	22091
secunia	18047 18057
vupen	ADV-2005-2931

Last major update

08-03-2011 - 02:26

Published

16-12-2005 - 11:03

Last modified

08-03-2011 - 02:26