Information Security News mailing list archives
Security researchers demo Cisco Wi-Fi flaws
From: InfoSec News <alerts () infosecnews org>
Date: Mon, 19 Apr 2010 00:48:19 -0500 (CDT)
http://www.zdnet.co.uk/news/security-threats/2010/04/16/security-researchers-demo-cisco-wi-fi-flaws-40088653/ By Richard Thurston ZDNet UK 16 April, 2010 Two generations of Cisco wireless LAN equipment contain a range of vulnerabilities, researchers have told the Black Hat security conference. Enno Rey and Daniel Mende from German testing firm ERNW demonstrated how to hack into two separate generations of Cisco Wi-Fi kit. They said that the flaws were fairly easy to find and exploit. In a presentation called 'Hacking Cisco Enterprise WLANs' on Wednesday, the researchers demonstrated an attack aimed at Cisco's first generation equipment Cisco Structured Wireless Aware Network (Swan). The researchers said it was possible to launch denial of service attacks and to sniff encrypted traffic on Swan by exploiting weaknesses in Cisco's Wireless LAN Context Control Protocol (WLCCP). The protocol defines how information is sent between wireless access points. Swan access points transfer keys between them to facilitate roaming. Rey said that Leap - the authentication protocol used in Cisco's equipment - was weak, meaning that the cryptography used to hide the keys could be broken. [...] ___________________________________________________________ Register now for HITBSecConf2010 - Dubai, the premier deep-knowledge network security event in the GCC, featuring keynote speakers John Viega and Matt Watchinski! http://conference.hitb.org/hitbsecconf2010dxb/
Current thread:
- Security researchers demo Cisco Wi-Fi flaws InfoSec News (Apr 18)