Symbol Technologies Firmware Insecure SNMP Vulnerability

Symbol Technologies is the manufacturer of various wireless electronic components and devices. Symbol Technologies provides components to various manufacturers for use in Wireless Access Points on 802.11b networks.

A problem in Symbol firmware makes it possible to retrieve the WEP Key from the wired network interface. This can be accomplished by sending a query to the interface via SNMP. The need for a community string with the query is currently unknown.

Therefore, it's possible for a remote user to gain access to the WEP key, which could lead to sniffing of the wireless network, and potentially gaining unrestricted access.


Privacy Statement
Copyright 2010, SecurityFocus