| VID |
29036 |
| Severity |
40 |
| Port |
27155 |
| Protocol |
UDP |
| Class |
AccessPoint |
| Detailed Description |
The AccessPoint discloses the sensitive information like WEP keys and admin password.
By sending a packet to UDP port 27155 containing the string "gstsearch", remote attackers could cause the accesspoint to return sensitive information such as the device's WEP encryption keys, mac filter and administrative password. Information gained by exploiting this vulnerability may allow the attacker to launch further attacks against the target network.
* References:
http://marc.theaimsgroup.com/?l=bugtraq&m=103642981507718&w=2
http://www.globalsuntech.com/solution/ieee80211/ieee80211.html
http://archives.neohapsis.com/archives/bugtraq/2002-11/0011.html
http://www.securityfocus.com/archive/1/298432
* Platforms Affected:
Linksys WAP11 2.2
Wisecom GL2422AP-0T Any version
D-Link DWL-900AP+ 2.2
GlobalSunTech WISECOM GL2422AP-0T |
| Recommendation |
No remedy available as of June 2014.
Contact your vendor for upgrade or patch information. |
| Related URL |
(CVE) |
| Related URL |
6100 (SecurityFocus) |
| Related URL |
10536 (ISS) |
|
