Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0214

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2002-0214
Last Modified 10 Sep 2008 08:00:43
Published 16 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-0214

Summary

Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key.

Vulnerable Systems

Operating System

  • Intel Pro Wireless 2011b Lan Usb Device Driver 1.5.16.0

  • Intel Pro Wireless 2011b Lan Usb Device Driver 1.5.18.0


References

XF - intel-wlan-wep-plaintext(8015)

BUGTRAQ - 20020128 Intel WLAN Driver storing 128bit WEP-Key in plain text!

BID - 3968


Last Updated: 27 May 2016 10:36:50