var-200908-0381
Vulnerability from variot
Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by sniffing the wireless network. Cisco Lightweight Access Point is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to stop responding, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCtb56664. Cisco Aironet wireless access points (APs) are very popular wireless access network devices. This paper associates devices with malicious controllers so that wireless clients cannot access legitimate network resources. This is a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200908-0381",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "aironet ap1200",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "aironet ap1100",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "aironet ap1100 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "aironet ap1200 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "aironet ap1100",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "aironet ap1200",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "lightweight access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "36145"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003698"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-446"
},
{
"db": "NVD",
"id": "CVE-2009-2976"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:aironet_ap1100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:aironet_ap1200",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003698"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AirMagnet",
"sources": [
{
"db": "BID",
"id": "36145"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-446"
}
],
"trust": 0.9
},
"cve": "CVE-2009-2976",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-2976",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-40422",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-2976",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-2976",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200908-446",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-40422",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40422"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003698"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-446"
},
{
"db": "NVD",
"id": "CVE-2009-2976"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by sniffing the wireless network. Cisco Lightweight Access Point is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause the affected device to stop responding, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCtb56664. Cisco Aironet wireless access points (APs) are very popular wireless access network devices. This paper associates devices with malicious controllers so that wireless clients cannot access legitimate network resources. This is a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2976"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003698"
},
{
"db": "BID",
"id": "36145"
},
{
"db": "VULHUB",
"id": "VHN-40422"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-2976",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1022774",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003698",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200908-446",
"trust": 0.6
},
{
"db": "BID",
"id": "36145",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-40422",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40422"
},
{
"db": "BID",
"id": "36145"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003698"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-446"
},
{
"db": "NVD",
"id": "CVE-2009-2976"
}
]
},
"id": "VAR-200908-0381",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-40422"
}
],
"trust": 0.725
},
"last_update_date": "2024-11-23T22:19:15.767000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.cisco.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003698"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40422"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003698"
},
{
"db": "NVD",
"id": "CVE-2009-2976"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.airmagnet.com/assets/am_technote_skyjack_082509.pdf"
},
{
"trust": 1.7,
"url": "http://www.airmagnet.com/news/press_releases/2009/08252009.php"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1022774"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2976"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2976"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=18919"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40422"
},
{
"db": "BID",
"id": "36145"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003698"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-446"
},
{
"db": "NVD",
"id": "CVE-2009-2976"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-40422"
},
{
"db": "BID",
"id": "36145"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003698"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-446"
},
{
"db": "NVD",
"id": "CVE-2009-2976"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-27T00:00:00",
"db": "VULHUB",
"id": "VHN-40422"
},
{
"date": "2009-08-25T00:00:00",
"db": "BID",
"id": "36145"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003698"
},
{
"date": "2009-08-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-446"
},
{
"date": "2009-08-27T17:30:00.360000",
"db": "NVD",
"id": "CVE-2009-2976"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-40422"
},
{
"date": "2009-09-15T20:01:00",
"db": "BID",
"id": "36145"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003698"
},
{
"date": "2009-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-446"
},
{
"date": "2024-11-21T01:06:12.023000",
"db": "NVD",
"id": "CVE-2009-2976"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200908-446"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Aironet Lightweight AP Vulnerabilities in which details of access point settings are discovered",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003698"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200908-446"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…