Cisco LEAP - Password Disclosure

EDB-ID:

23212




Platform:

Hardware

Date:

2003-10-03


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

source: https://www.securityfocus.com/bid/8755/info

It has been reported that Cisco LEAP (Lightweight Extensible
Authentication Protocol) is prone to a password disclosure weakness that may allow a remote user to steal user passwords. The issue may be exploited out by brute forcing user passwords using dictionary attacks.

Successful exploitation of this weakness may allow a remote attacker to steal authentication information, potentially allowing for unauthorized network access. 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/23212.tar.bz2