Vulnerability in N/a
CVE-2003-1096
The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks.
EPSS: 0.545 (98.1th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 20031003 Dictionary attack against Cisco's LEAP, Wireless LANs vulnerable (mailing-list, x_refsource_BUGTRAQ)
- 20031006 Weaknesses in LEAP Challenge/Response (mailing-list, x_refsource_BUGTRAQ)
- 15209 (x_refsource_OSVDB, vdb-entry)
- 20040407 Release of Cisco Attack tool Asleap (mailing-list, x_refsource_BUGTRAQ)
- 8755 (vdb-entry, x_refsource_BID)
- 20030803 Dictionary Attack on Cisco LEAP Vulnerability (x_refsource_CISCO, vendor-advisory)
- VU#473108 (x_refsource_CERT-VN, third-party-advisory)
- cisco-leap-dictionary(12804) (vdb-entry, x_refsource_XF)