Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Weaknesses in LEAP Challenge/Response
Oct 06 2003 12:06PM
Joshua Wright (Joshua Wright jwu edu)
-----BEGIN PGP SIGNED MESSAGE-----
In August 2003, I sent a tool I had written to the Cisco PSIRT team
that exploited weaknesses in the LEAP challenge/response
authentication mechanism. This tool leveraged large password lists
to efficiently launch offline dictionary attacks against LEA...
[ more ]
Copyright 2010, SecurityFocus