Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1096

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-1096
Last Modified 05 Sep 2008 04:36:01
Published 31 Dec 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1096

Summary

The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks.

Vulnerable Systems

Application

  • Cisco Leap


References

CERT-VN - VU#473108

XF - cisco-leap-dictionary(12804)

BID - 8755

BUGTRAQ - 20031006 Weaknesses in LEAP Challenge/Response

BUGTRAQ - 20031003 Dictionary attack against Cisco's LEAP, Wireless LANs vulnerable

CISCO - 20030803 Dictionary Attack on Cisco LEAP Vulnerability

BUGTRAQ - 20040407 Release of Cisco Attack tool Asleap

OSVDB - 15209


Last Updated: 27 May 2016 10:38:14