We are what we repeatedly do. Excellence, then, is a habit.
Socrates (470-399 BC); Greek philosopher.

- Vulnerability in Cisco wireless access devices -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, December 4, 2003 - Cisco has reported -at
http://www.cisco.com/warp/public/707/cisco-sa-20031202-SNMP-trap.shtml - a
key disclosure problem in Cisco Aironet Access Points running Cisco IOS.



This vulnerability affects Cisco Aironet 1100, 1200 and 1400 series devices,
but not dynamically set(*) Wired Equivalent Privacy (WEP) keys. This flaw
lies in the software sending static WEP keys in cleartext -without
encrypting them- to the Simple Network Management Protocol (SNMP) server, if
the snmp-server enable traps wlan-wep command is enabled.

Cisco offers the software upgrades to all clients whose computers could be
affected by this vulnerability. They have also offered a workaround which is
to disable the command associated to the vulnerable configuration by typing
the following global command: ap1200(config)#no snmp-server enable traps
wlan-wep

Cisco recommends users not to use static WEP keys, but some of the
Extensible Authentication Protocol (EAP) authentication protocols supported
by the Access Point.

(*) A WEP key is dynamically set if it uses one on the EAP protocols.

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.