CVE-2011-4872 - OpenCVE

Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STATE permission to call the toString method on the WifiConfiguration class.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:H/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Htc	Droid Incredible Desire S Sensation 4g Thunderbolt 4g Evo 4g Evo 3d Sensation Z710e Glacier Desire Hd

Configuration 1 [-]

OR	cpe:2.3:h:htc:desire_hd:frg83d:::::::*
	cpe:2.3:h:htc:desire_hd:gri40:::::::*
	cpe:2.3:h:htc:desire_s:gri40:::::::*
	cpe:2.3:h:htc:droid_incredible:frf91:::::::*
	cpe:2.3:h:htc:evo_3d:gri40:::::::*
	cpe:2.3:h:htc:evo_4g:gri40:::::::*
	cpe:2.3:h:htc:glacier:frg83:::::::*
	cpe:2.3:h:htc:sensation_4g:gri40:::::::*
	cpe:2.3:h:htc:sensation_z710e:gri40:::::::*
	cpe:2.3:h:htc:thunderbolt_4g:frg83d:::::::*

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2012-02/0002.html
http://blog.mywarwithentropy.com/2012/02/8021x-password-exploit-on-many-htc.html
http://secunia.com/advisories/47837	Vendor Advisory
http://www.kb.cert.org/vuls/id/763355	US Government Resource
http://www.securityfocus.com/bid/51790

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: certcc

Published: 2022-10-03T16:15:14

Updated: 2022-10-03T16:15:14

Reserved: 2022-10-03T00:00:00

Link: CVE-2011-4872

JSON object: View

NVD Information

Status : Analyzed

Published: 2012-02-05T11:55:03.047

Modified: 2012-02-16T05:00:00.000

Link: CVE-2011-4872

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STATE permission to call the toString method on the WifiConfiguration class."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:15:14", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "VU#763355", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/763355"}, {"name": "20120201 802.1X password exploit on many HTC Android devices", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0002.html"}, {"name": "47837", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47837"}, {"tags": ["x_refsource_MISC"], "url": "http://blog.mywarwithentropy.com/2012/02/8021x-password-exploit-on-many-htc.html"}, {"name": "51790", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/51790"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2011-4872", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STATE permission to call the toString method on the WifiConfiguration class."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "VU#763355", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/763355"}, {"name": "20120201 802.1X password exploit on many HTC Android devices", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0002.html"}, {"name": "47837", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47837"}, {"name": "http://blog.mywarwithentropy.com/2012/02/8021x-password-exploit-on-many-htc.html", "refsource": "MISC", "url": "http://blog.mywarwithentropy.com/2012/02/8021x-password-exploit-on-many-htc.html"}, {"name": "51790", "refsource": "BID", "url": "http://www.securityfocus.com/bid/51790"}]}}}}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2011-4872", "datePublished": "2022-10-03T16:15:14", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:15:14", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:htc:desire_hd:frg83d:*:*:*:*:*:*:*", "matchCriteriaId": "A47D18AA-CFF9-4AD8-AE88-2CA747123EBE", "vulnerable": true}, {"criteria": "cpe:2.3:h:htc:desire_hd:gri40:*:*:*:*:*:*:*", "matchCriteriaId": "F0653264-C983-4944-9C58-FB66695810B0", "vulnerable": true}, {"criteria": "cpe:2.3:h:htc:desire_s:gri40:*:*:*:*:*:*:*", "matchCriteriaId": "F9F69A6B-DE64-40FD-9A0D-4F58A0D40876", "vulnerable": true}, {"criteria": "cpe:2.3:h:htc:droid_incredible:frf91:*:*:*:*:*:*:*", "matchCriteriaId": "104EFEA6-6768-4BC4-BB79-636607F6B633", "vulnerable": true}, {"criteria": "cpe:2.3:h:htc:evo_3d:gri40:*:*:*:*:*:*:*", "matchCriteriaId": "04CE53C2-E91D-4E99-820A-D06BA1BBAAD3", "vulnerable": true}, {"criteria": "cpe:2.3:h:htc:evo_4g:gri40:*:*:*:*:*:*:*", "matchCriteriaId": "FF9842B1-3735-48CC-9163-36253B9C5AF6", "vulnerable": true}, {"criteria": "cpe:2.3:h:htc:glacier:frg83:*:*:*:*:*:*:*", "matchCriteriaId": "41DA09C0-2C0F-4605-A9ED-B76436FC8969", "vulnerable": true}, {"criteria": "cpe:2.3:h:htc:sensation_4g:gri40:*:*:*:*:*:*:*", "matchCriteriaId": "8A373B93-7BA1-474E-99E8-B0507A317C7B", "vulnerable": true}, {"criteria": "cpe:2.3:h:htc:sensation_z710e:gri40:*:*:*:*:*:*:*", "matchCriteriaId": "8F11BB06-D097-48F9-9B39-28916BB3CA1D", "vulnerable": true}, {"criteria": "cpe:2.3:h:htc:thunderbolt_4g:frg83d:*:*:*:*:*:*:*", "matchCriteriaId": "4F8DC280-89A4-482C-BCBA-7721E898935A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STATE permission to call the toString method on the WifiConfiguration class."}, {"lang": "es", "value": "M\u00faltiples dispositivos Android HTC incluyendo Desire HD FRG83D y GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40 y EVO 4G GRI40 permiten a atacantes remotos obtener las credenciales Wi-Fi 802.1X y el SSID a trav\u00e9s de una aplicaci\u00f3n modificada que utiliza el permiso android.permission.ACCESS_WIFI_STATE para invocar el m\u00e9todo toString en la clase WifiConfiguration."}], "id": "CVE-2011-4872", "lastModified": "2012-02-16T05:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-02-05T11:55:03.047", "references": [{"source": "cret@cert.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0002.html"}, {"source": "cret@cert.org", "url": "http://blog.mywarwithentropy.com/2012/02/8021x-password-exploit-on-many-htc.html"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47837"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/763355"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/bid/51790"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}