6 matches found
CVE-2003-1096
The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks...
UPDATE: Cisco Security Notice: Dictionary Attack on Cisco LEAP Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Notice: Dictionary Attack on Cisco LEAP Vulnerability Revision 2.0 Last Updated 2004 April 12 1600 UTC GMT For Public Release 2003 August 03 1600 UTC GMT ---------------------------------------------------------------------- Contents...
Release of Cisco Attack tool Asleap
In August 2003, I wrote a tool called asleap for Linux systems to exploit a weakness in the Cisco LEAP authentication protocol. Using this tool, an attacker can actively compromise Cisco LEAP networks by mounting an offline dictionary attack against weak user passwords. In my testing, I was able ...
CVE-2003-1096
The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks...
Cisco Lightweight Extensible Authentication Protocol (LEAP) uses passwords that are vulnerable to dictionary attacks
Overview The Cisco LEAP protocol uses hashed passwords that are vulnerable to dictionary attacks. Successful attackers will be able to gain unauthorized access to affected networks. Description The Cisco Lightweight Extensible Authentication Protocol LEAP provides an authentication mechanism for...
Cisco LEAP - Password Disclosure
source: https://www.securityfocus.com/bid/8755/info It has been reported that Cisco LEAP Lightweight Extensible Authentication Protocol is prone to a password disclosure weakness that may allow a remote user to steal user passwords. The issue may be exploited out by brute forcing user passwords...