cvelistv5 - cve-2005-3482

cve-2005-3482

Vulnerability from cvelistv5

Published

2005-11-03 02:00

Modified

2024-08-07 23:17

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/17406
cve@mitre.org	http://securityreason.com/securityalert/139
cve@mitre.org	http://securitytracker.com/id?1015140
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/20454
cve@mitre.org	http://www.securityfocus.com/bid/15272
cve@mitre.org	http://www.vupen.com/english/advisories/2005/2278
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17406
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/139
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015140
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/20454
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15272
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2005/2278

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:22.706Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "139",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/139"
          },
          {
            "name": "20454",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/20454"
          },
          {
            "name": "15272",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15272"
          },
          {
            "name": "17406",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17406"
          },
          {
            "name": "1015140",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015140"
          },
          {
            "name": "20051102 Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml"
          },
          {
            "name": "ADV-2005-2278",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2278"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-11-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-11-18T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "139",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/139"
        },
        {
          "name": "20454",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/20454"
        },
        {
          "name": "15272",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15272"
        },
        {
          "name": "17406",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17406"
        },
        {
          "name": "1015140",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015140"
        },
        {
          "name": "20051102 Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml"
        },
        {
          "name": "ADV-2005-2278",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2278"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3482",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "139",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/139"
            },
            {
              "name": "20454",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/20454"
            },
            {
              "name": "15272",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15272"
            },
            {
              "name": "17406",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17406"
            },
            {
              "name": "1015140",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015140"
            },
            {
              "name": "20051102 Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml"
            },
            {
              "name": "ADV-2005-2278",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2278"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3482",
    "datePublished": "2005-11-03T02:00:00",
    "dateReserved": "2005-11-03T00:00:00",
    "dateUpdated": "2024-08-07T23:17:22.706Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:aironet_ap1131:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA740581-ED86-4822-9516-BCCA4C267561\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:aironet_ap1200:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E8B5553-7295-4786-9F81-B4527EAD4F0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:aironet_ap1240:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6AAA8DE4-4E1D-4286-846D-0381BF68632F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host.\"}]",
      "id": "CVE-2005-3482",
      "lastModified": "2024-11-21T00:02:00.107",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2005-11-03T02:02:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/17406\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securityreason.com/securityalert/139\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1015140\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/20454\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/15272\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2278\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/17406\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securityreason.com/securityalert/139\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1015140\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/20454\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/15272\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2278\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-3482\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-11-03T02:02:00.000\",\"lastModified\":\"2024-11-21T00:02:00.107\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:aironet_ap1131:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA740581-ED86-4822-9516-BCCA4C267561\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:aironet_ap1200:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E8B5553-7295-4786-9F81-B4527EAD4F0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:aironet_ap1240:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AAA8DE4-4E1D-4286-846D-0381BF68632F\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/17406\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/139\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1015140\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/20454\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/15272\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2278\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/17406\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/139\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015140\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/20454\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/15272\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2278\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host. Cisco Airespace WLAN (Wireless LAN) devices are prone to an issue that may permit unauthorized parties to access a secure network. This may bypass the security of the wireless network as it may permit unauthorized access by hosts that have not authenticated. Legitimate end hosts can still communicate encrypted with the access point.

The vulnerability is caused due to the WLAN controller accepting unencrypted traffic from end hosts even when it is configured to perform encryption.

SOLUTION: Update to version 3.1.105.0 of the WLAN Controller software.

Cisco 2000 Series WLAN Controller: http://www.cisco.com/pcgi-bin/tablebuild.pl/2000_series_Wireless_LAN_controller

Cisco 4400 Series WLAN Controller: http://www.cisco.com/pcgi-bin/tablebuild.pl/4400_series_Wireless_LAN_controller

ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200511-0349",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "aironet ap1200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "aironet ap1240",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "aironet ap1131",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "aironet ap1240",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "aironet ap1131",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "aironet ap1200",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "series airespace wireless lan controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "40003.1.59.24"
      },
      {
        "model": "series airespace wireless lan controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "20003.1.59.24"
      },
      {
        "model": "series access point",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1240"
      },
      {
        "model": "series access point",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1200"
      },
      {
        "model": "series access point",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1131"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "15272"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3482"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-085"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:aironet_ap1200:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:aironet_ap1240:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:aironet_ap1131:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3482"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-085"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2005-3482",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-14691",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2005-3482",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200511-085",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-14691",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14691"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3482"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-085"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host. Cisco Airespace WLAN (Wireless LAN) devices are prone to an issue that may permit unauthorized parties to access a secure network.  This may bypass the security of the wireless network as it may permit unauthorized access by hosts that have not authenticated. Legitimate end hosts can still communicate encrypted with the access point. \n\nThe vulnerability is caused due to the WLAN controller accepting\nunencrypted traffic from end hosts even when it is configured to\nperform encryption. \n\nSOLUTION:\nUpdate to version 3.1.105.0 of the WLAN Controller software. \n\nCisco 2000 Series WLAN Controller:\nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/2000_series_Wireless_LAN_controller\n\nCisco 4400 Series WLAN Controller:\nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/4400_series_Wireless_LAN_controller\n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3482"
      },
      {
        "db": "BID",
        "id": "15272"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14691"
      },
      {
        "db": "PACKETSTORM",
        "id": "41238"
      }
    ],
    "trust": 1.35
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "15272",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "17406",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2005-2278",
        "trust": 1.7
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3482",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1015140",
        "trust": 1.7
      },
      {
        "db": "SREASON",
        "id": "139",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "20454",
        "trust": 1.7
      },
      {
        "db": "CISCO",
        "id": "20051102 CISCO AIRESPACE WIRELESS LAN CONTROLLERS ALLOW UNENCRYPTED NETWORK ACCESS",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-085",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-14691",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "41238",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14691"
      },
      {
        "db": "BID",
        "id": "15272"
      },
      {
        "db": "PACKETSTORM",
        "id": "41238"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3482"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-085"
      }
    ]
  },
  "id": "VAR-200511-0349",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14691"
      }
    ],
    "trust": 0.725
  },
  "last_update_date": "2023-12-18T13:49:55.044000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3482"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/15272"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/20454"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1015140"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/17406"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/139"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2005/2278"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2005/2278"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/4400_series_wireless_lan_controller"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6037/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6035/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/17406/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/2000_series_wireless_lan_controller"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/1929/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6034/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6036/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14691"
      },
      {
        "db": "BID",
        "id": "15272"
      },
      {
        "db": "PACKETSTORM",
        "id": "41238"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3482"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-085"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-14691"
      },
      {
        "db": "BID",
        "id": "15272"
      },
      {
        "db": "PACKETSTORM",
        "id": "41238"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3482"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-085"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-11-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14691"
      },
      {
        "date": "2005-11-02T00:00:00",
        "db": "BID",
        "id": "15272"
      },
      {
        "date": "2005-11-03T23:53:57",
        "db": "PACKETSTORM",
        "id": "41238"
      },
      {
        "date": "2005-11-03T02:02:00",
        "db": "NVD",
        "id": "CVE-2005-3482"
      },
      {
        "date": "2005-11-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200511-085"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14691"
      },
      {
        "date": "2005-11-02T00:00:00",
        "db": "BID",
        "id": "15272"
      },
      {
        "date": "2011-03-08T02:26:35.187000",
        "db": "NVD",
        "id": "CVE-2005-3482"
      },
      {
        "date": "2006-06-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200511-085"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-085"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Airespace wireless LAN Controller allows unencrypted network access vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-085"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "access verification error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-085"
      }
    ],
    "trust": 0.6
  }
}

cve-2005-3482

Vulnerability from fkie_nvd

Published

2005-11-03 02:02

Modified

2024-11-21 00:02

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/17406
cve@mitre.org	http://securityreason.com/securityalert/139
cve@mitre.org	http://securitytracker.com/id?1015140
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/20454
cve@mitre.org	http://www.securityfocus.com/bid/15272
cve@mitre.org	http://www.vupen.com/english/advisories/2005/2278
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17406
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/139
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015140
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/20454
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15272
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2005/2278

Impacted products

Vendor	Product	Version
cisco	aironet_ap1131	*
cisco	aironet_ap1200	*
cisco	aironet_ap1240	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_ap1131:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA740581-ED86-4822-9516-BCCA4C267561",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_ap1200:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E8B5553-7295-4786-9F81-B4527EAD4F0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_ap1240:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AAA8DE4-4E1D-4286-846D-0381BF68632F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host."
    }
  ],
  "id": "CVE-2005-3482",
  "lastModified": "2024-11-21T00:02:00.107",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-11-03T02:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17406"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/139"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015140"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/20454"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15272"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2278"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/139"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/20454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2278"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2005-3482

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2005-3482

Aliases

CVE-2005-3482

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-3482",
    "description": "Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host.",
    "id": "GSD-2005-3482"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-3482"
      ],
      "details": "Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host.",
      "id": "GSD-2005-3482",
      "modified": "2023-12-13T01:20:12.353531Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-3482",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "139",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/139"
          },
          {
            "name": "20454",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/20454"
          },
          {
            "name": "15272",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/15272"
          },
          {
            "name": "17406",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/17406"
          },
          {
            "name": "1015140",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015140"
          },
          {
            "name": "20051102 Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml"
          },
          {
            "name": "ADV-2005-2278",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2005/2278"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:aironet_ap1200:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:aironet_ap1240:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:aironet_ap1131:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3482"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20051102 Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access",
              "refsource": "CISCO",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml"
            },
            {
              "name": "1015140",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015140"
            },
            {
              "name": "17406",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17406"
            },
            {
              "name": "15272",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/15272"
            },
            {
              "name": "20454",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/20454"
            },
            {
              "name": "139",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/139"
            },
            {
              "name": "ADV-2005-2278",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2005/2278"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2011-03-08T02:26Z",
      "publishedDate": "2005-11-03T02:02Z"
    }
  }
}

ghsa-7cgh-wxqr-fvg7

Vulnerability from github

Published

2022-05-01 02:18

Modified

2022-05-01 02:18

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-3482"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-11-03T02:02:00Z",
    "severity": "MODERATE"
  },
  "details": "Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host.",
  "id": "GHSA-7cgh-wxqr-fvg7",
  "modified": "2022-05-01T02:18:27Z",
  "published": "2022-05-01T02:18:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-3482"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17406"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/139"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015140"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051102-lwapp.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/20454"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/15272"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2005/2278"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2005-3482

Vulnerability from cvelistv5

var-200511-0349

Vulnerability from variot

cve-2005-3482

Vulnerability from fkie_nvd

gsd-2005-3482

Vulnerability from gsd

ghsa-7cgh-wxqr-fvg7

Vulnerability from github

Tags

Sightings

Nomenclature