| Vulnerability Name: | CVE-2006-0376 (CCN-24157) | ||||||||
| Assigned: | 2006-01-14 | ||||||||
| Published: | 2006-01-14 | ||||||||
| Updated: | 2018-10-19 | ||||||||
| Summary: | The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Windows Server 2003 does not warn the user when (1) it establishes an association with a station in ad hoc (aka peer-to-peer) mode or (2) a station in ad hoc mode establishes an association with it, which allows remote attackers to put unexpected wireless communication into place. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-0376 Source: SREASON Type: UNKNOWN 349 Source: CCN Type: SECTRACK ID: 1015489 Microsoft Wireless Network Connection Software May Broadcast Ad-Hoc SSID Information in Certain Cases Source: SECTRACK Type: UNKNOWN 1015489 Source: CCN Type: Nomad Mobile Research Centre Advisory 14Jan2006 Microsoft Windows Silent Adhoc Network Advertisement Source: MISC Type: Vendor Advisory http://www.nmrc.org/pub/advise/20060114.txt Source: CCN Type: OSVDB ID: 22710 Microsoft Windows Ad-hoc Network Advertisement Weakness Source: MISC Type: UNKNOWN http://www.securiteam.com/windowsntfocus/5YP0D2KHHO.html Source: BUGTRAQ Type: UNKNOWN 20060114 [NMRC Advisory] Microsoft Windows Wireless Exposure on Laptops Source: MISC Type: UNKNOWN http://www.theta44.org/karma/ Source: XF Type: UNKNOWN windows-wireless-adhoc-unauth-access(24157) Source: XF Type: UNKNOWN windows-wireless-adhoc-unauth-access(24157) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||