CVE-2008-5230 - OpenCVE

The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which makes it easier for remote attackers to decrypt packets from an access point (AP) to a client and spoof packets from an AP to a client, and conduct ARP poisoning attacks or other attacks, as demonstrated by tkiptun-ng.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Ios

Configuration 1 [-]

cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://arstechnica.com/articles/paedia/wpa-cracked.ars
http://dl.aircrack-ng.org/breakingwepandwpa.pdf
http://lists.immunitysec.com/pipermail/dailydave/2008-November/005413.html
http://radajo.blogspot.com/2008/11/wpatkip-chopchop-attack.html
http://trac.aircrack-ng.org/svn/trunk/src/tkiptun-ng.c
http://www.aircrack-ng.org/doku.php?id=tkiptun-ng
http://www.cisco.com/en/US/products/products_security_response09186a0080a30036.html
http://www.securityfocus.com/bid/32164

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-11-25T23:00:00Z

Updated: 2024-09-17T02:31:10.603Z

Reserved: 2008-11-25T00:00:00Z

Link: CVE-2008-5230

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2008-11-25T23:30:00.593

Modified: 2008-12-03T05:00:00.000

Link: CVE-2008-5230

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which makes it easier for remote attackers to decrypt packets from an access point (AP) to a client and spoof packets from an AP to a client, and conduct ARP poisoning attacks or other attacks, as demonstrated by tkiptun-ng."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2008-11-25T23:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[dailydave] 20081107 All Ur WiFi(WPA) R Belong 2 PacSec", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.immunitysec.com/pipermail/dailydave/2008-November/005413.html"}, {"tags": ["x_refsource_MISC"], "url": "http://arstechnica.com/articles/paedia/wpa-cracked.ars"}, {"tags": ["x_refsource_MISC"], "url": "http://trac.aircrack-ng.org/svn/trunk/src/tkiptun-ng.c"}, {"name": "20081121 Cisco Response to TKIP Encryption Weakness", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a30036.html"}, {"tags": ["x_refsource_MISC"], "url": "http://radajo.blogspot.com/2008/11/wpatkip-chopchop-attack.html"}, {"tags": ["x_refsource_MISC"], "url": "http://dl.aircrack-ng.org/breakingwepandwpa.pdf"}, {"tags": ["x_refsource_MISC"], "url": "http://www.aircrack-ng.org/doku.php?id=tkiptun-ng"}, {"name": "32164", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/32164"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-5230", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which makes it easier for remote attackers to decrypt packets from an access point (AP) to a client and spoof packets from an AP to a client, and conduct ARP poisoning attacks or other attacks, as demonstrated by tkiptun-ng."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[dailydave] 20081107 All Ur WiFi(WPA) R Belong 2 PacSec", "refsource": "MLIST", "url": "http://lists.immunitysec.com/pipermail/dailydave/2008-November/005413.html"}, {"name": "http://arstechnica.com/articles/paedia/wpa-cracked.ars", "refsource": "MISC", "url": "http://arstechnica.com/articles/paedia/wpa-cracked.ars"}, {"name": "http://trac.aircrack-ng.org/svn/trunk/src/tkiptun-ng.c", "refsource": "MISC", "url": "http://trac.aircrack-ng.org/svn/trunk/src/tkiptun-ng.c"}, {"name": "20081121 Cisco Response to TKIP Encryption Weakness", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a30036.html"}, {"name": "http://radajo.blogspot.com/2008/11/wpatkip-chopchop-attack.html", "refsource": "MISC", "url": "http://radajo.blogspot.com/2008/11/wpatkip-chopchop-attack.html"}, {"name": "http://dl.aircrack-ng.org/breakingwepandwpa.pdf", "refsource": "MISC", "url": "http://dl.aircrack-ng.org/breakingwepandwpa.pdf"}, {"name": "http://www.aircrack-ng.org/doku.php?id=tkiptun-ng", "refsource": "MISC", "url": "http://www.aircrack-ng.org/doku.php?id=tkiptun-ng"}, {"name": "32164", "refsource": "BID", "url": "http://www.securityfocus.com/bid/32164"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:49:11.785Z"}, "title": "CVE Program Container", "references": [{"name": "[dailydave] 20081107 All Ur WiFi(WPA) R Belong 2 PacSec", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.immunitysec.com/pipermail/dailydave/2008-November/005413.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://arstechnica.com/articles/paedia/wpa-cracked.ars"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://trac.aircrack-ng.org/svn/trunk/src/tkiptun-ng.c"}, {"name": "20081121 Cisco Response to TKIP Encryption Weakness", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a30036.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://radajo.blogspot.com/2008/11/wpatkip-chopchop-attack.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://dl.aircrack-ng.org/breakingwepandwpa.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.aircrack-ng.org/doku.php?id=tkiptun-ng"}, {"name": "32164", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/32164"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-5230", "datePublished": "2008-11-25T23:00:00Z", "dateReserved": "2008-11-25T00:00:00Z", "dateUpdated": "2024-09-17T02:31:10.603Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", "matchCriteriaId": "5802E2D8-7069-474C-826F-AEE7B50BFE34", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which makes it easier for remote attackers to decrypt packets from an access point (AP) to a client and spoof packets from an AP to a client, and conduct ARP poisoning attacks or other attacks, as demonstrated by tkiptun-ng."}, {"lang": "es", "value": "La implementaci\u00f3n Temporal Key Integrity Protocol (TKIP) en productos de Cisco no especificados y productos de otros vendedores, como se usa en WPA y WPA2 en redes Wi-Fi, tiene unas contramedidas insuficientes contra ciertos paquetes manipulados y reenviados, lo que facilita a atacantes remotos descifrar paquetes de un punto de acceso (AP) a un cliente y envenenar paquetes de un AP a un cliente y llevar a cabo ataques de envenenamiento ARP y otros ataques, como se demostr\u00f3 por tkiptun-ng."}], "evaluatorImpact": "The impact of this vulnerability has yet to be determined. The full list of affected platforms is subject to change. The NVD will continue to monitor this vulnerability and adjust the configurations as needed.", "id": "CVE-2008-5230", "lastModified": "2008-12-03T05:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-11-25T23:30:00.593", "references": [{"source": "cve@mitre.org", "url": "http://arstechnica.com/articles/paedia/wpa-cracked.ars"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://dl.aircrack-ng.org/breakingwepandwpa.pdf"}, {"source": "cve@mitre.org", "url": "http://lists.immunitysec.com/pipermail/dailydave/2008-November/005413.html"}, {"source": "cve@mitre.org", "url": "http://radajo.blogspot.com/2008/11/wpatkip-chopchop-attack.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://trac.aircrack-ng.org/svn/trunk/src/tkiptun-ng.c"}, {"source": "cve@mitre.org", "url": "http://www.aircrack-ng.org/doku.php?id=tkiptun-ng"}, {"source": "cve@mitre.org", "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a30036.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/32164"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}