CVE-2006-0376 - The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Wind

CVE-2006-0376

Summary

The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Windows Server 2003 does not warn the user when (1) it establishes an association with a station in ad hoc (aka peer-to-peer) mode or (2) a station in ad hoc mode establishes an association with it, which allows remote attackers to put unexpected wireless communication into place.

References

Vulnerable Configurations

cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*

CVSS

Base:	7.5 (as of 19-10-2018 - 15:44)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bugtraq	20060114 [NMRC Advisory] Microsoft Windows Wireless Exposure on Laptops
misc	http://www.nmrc.org/pub/advise/20060114.txt http://www.securiteam.com/windowsntfocus/5YP0D2KHHO.html http://www.theta44.org/karma/
sectrack	1015489
sreason	349
xf	windows-wireless-adhoc-unauth-access(24157)

Last major update

19-10-2018 - 15:44

Published

22-01-2006 - 20:03

Last modified

19-10-2018 - 15:44