• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cisco Aironet Access Point Wired Equivalent Privacy Key Disclosure Vulnerability

Cisco Aironet Access Points that are running Cisco IOS have been reported prone to an information disclosure vulnerability that could lead to the disclosure of wired equivalent privacy (WEP) keys.

The issue has been reported to exist if the 'snmp-server enable traps wlan-wep' command has been set. The issue presents itself because when this functionality is enabled the Cisco Aironet Access Point will send the WEP key in a plain text format to the simple network management protocol server.