Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encryption (XOR with a fixed key) for protecting authentication credentials, which could allow remote attackers to obtain administrative access via sniffing when the capability is available via Ethernet or non-WEP connections.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple AirPort管理员密码加密漏洞
Vulnerability Description
Apple AirPort设备是一款无线访问接入点,可为网络客户端提供802.11服务。此设备可以通过管理协议经过TCP 5009端口进行管理。 Apple AirPort设备的管理验证过程采用的密码加密机制过于简单,远程攻击者可以利用这个漏洞嗅探网络,获得密码信息。 AirPort设备采用验证信息的密码最长长度为32字符,并针对预定义的密钥进行XOR操作。当把这密码传送到网络时,密码固定为32字节被发送出去。@stake在使用单个字符作为口令进行实验,通过观察网络数据包的交换发现了31字节长的用于进行X
CVSS Information
N/A
Vulnerability Type
N/A