So, if I use a product which clearly states, in the instructions, that
the default password for WEP is set to a known value, and that this must be
changed, and I don't do this, it's the vendor's fault?
This 'vulnerability' beggars belief.
-thomas
On Mon, 2 Apr 2001, Bill Arbaugh wrote:
> Name: RG-1000 default network name and WEP key exposure
>
> Product: Orinoco RG-1000 (www.wavelan.com)
>
> Severity: An attacker can determine the network name (SSID), and
> current WEP encryption key-- allowing unrestricted
> access to the LAN.
--
Do what thou wilt shall be the whole of the Law.
-- Aleister Crowley
gpg: pub 1024D/81FD4B43 sub 4096g/BB6D2B11=>p.nu/d
2B72 53DB 8104 2041 BDB4 F053 4AE5 01DF 81FD 4B43
