CVE-2005-3253 - OpenCVE

Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of "12345", which allows remote attackers to bypass authentication.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Avaya	Wireless Ap-4 Wireless Ap-7 Wireless Ap-8 Wireless Ap-3 Wireless Ap-6 Wireless Ap-5
Proxim	Ap-700 Ap-600 Ap-4000 Ap-2000

Configuration 1 [-]

OR	cpe:2.3:a:avaya:wireless_ap-3:2.5:::::::*
	cpe:2.3:a:avaya:wireless_ap-3:2.5.4:::::::*
	cpe:2.3:a:avaya:wireless_ap-4:2.5:::::::*
	cpe:2.3:a:avaya:wireless_ap-4:2.5.4:::::::*
	cpe:2.3:a:avaya:wireless_ap-5:2.5:::::::*
	cpe:2.3:a:avaya:wireless_ap-5:2.5.4:::::::*
	cpe:2.3:a:avaya:wireless_ap-6:2.5:::::::*
	cpe:2.3:a:avaya:wireless_ap-6:2.5.4:::::::*
	cpe:2.3:a:avaya:wireless_ap-7:2.5:::::::*
	cpe:2.3:a:avaya:wireless_ap-8:2.5:::::::*

Configuration 2 [-]

OR	cpe:2.3:h:proxim:ap-2000:2.5.4:::::::*
	cpe:2.3:h:proxim:ap-4000:2.4.12:::::::*
	cpe:2.3:h:proxim:ap-4000:3.0:::::::*
	cpe:2.3:h:proxim:ap-600:2.5.4:::::::*
	cpe:2.3:h:proxim:ap-700:2.4.12:::::::*
	cpe:2.3:h:proxim:ap-700:3.0:::::::*

References

Link	Resource
http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf
http://secunia.com/advisories/18047	Patch Vendor Advisory
http://secunia.com/advisories/18057
http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf	Patch Vendor Advisory
http://www.osvdb.org/22091
http://www.vupen.com/english/advisories/2005/2931

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2005-12-16T11:00:00

Updated: 2006-01-20T10:00:00

Reserved: 2005-10-18T00:00:00

Link: CVE-2005-3253

JSON object: View

NVD Information

Status : Modified

Published: 2005-12-16T11:03:00.000

Modified: 2011-03-08T02:26:07.437

Link: CVE-2005-3253

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-12-15T00:00:00", "descriptions": [{"lang": "en", "value": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-01-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "22091", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/22091"}, {"name": "18047", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18047"}, {"name": "18057", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18057"}, {"name": "ADV-2005-2931", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/2931"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-3253", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "22091", "refsource": "OSVDB", "url": "http://www.osvdb.org/22091"}, {"name": "18047", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18047"}, {"name": "18057", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18057"}, {"name": "ADV-2005-2931", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2931"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"}, {"name": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf", "refsource": "CONFIRM", "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-3253", "datePublished": "2005-12-16T11:00:00", "dateReserved": "2005-10-18T00:00:00", "dateUpdated": "2006-01-20T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avaya:wireless_ap-3:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "BE41CF27-432E-4A11-A804-954195538FB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-3:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "CF5C425E-F670-4DEF-B532-07D8DC66E8CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-4:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "1485FB74-AD78-40B4-8183-63B11BF27249", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-4:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "92381317-38CE-4B56-B3AC-4465A351EDD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-5:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "BF560B1A-F41F-4EDE-9172-60AD80EBF9E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-5:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "A7307F22-DB94-4DE4-8873-6A6CA791213C", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-6:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "D95A1268-ECCF-4AC0-BD14-2D0B9172AEE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-6:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "B95082B7-7B8D-4A7E-9506-592E2399287B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-7:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "ABF3A01B-17E5-4683-8EAC-0E174473A5A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:wireless_ap-8:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "BA452029-2FB7-4B84-9DDC-84A3007650CF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:proxim:ap-2000:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "6DD83FFB-8EE9-4551-B36C-4D7CF68EFF29", "vulnerable": true}, {"criteria": "cpe:2.3:h:proxim:ap-4000:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "C41ED996-F360-4CC6-9916-EEE454BC5E25", "vulnerable": true}, {"criteria": "cpe:2.3:h:proxim:ap-4000:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7235EE55-1513-45DE-A5A8-E60A0192C35C", "vulnerable": true}, {"criteria": "cpe:2.3:h:proxim:ap-600:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B336E98-6E84-41CA-8EF2-2E8D67B9B247", "vulnerable": true}, {"criteria": "cpe:2.3:h:proxim:ap-700:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "9A1BE5EA-F7B6-4A4D-A527-DFD074B37D28", "vulnerable": true}, {"criteria": "cpe:2.3:h:proxim:ap-700:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "08771AE2-6096-4268-A0A8-28041ED49D48", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of \"12345\", which allows remote attackers to bypass authentication."}], "id": "CVE-2005-3253", "lastModified": "2011-03-08T02:26:07.437", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-12-16T11:03:00.000", "references": [{"source": "cve@mitre.org", "url": "http://keygen.proxim.com/support/cs/Documents/802.1x_vulnerability.pdf"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/18047"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/18057"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-233.pdf"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/22091"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2931"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}