fyi
Detail Page TRACKING ID 2003-10-027 SUBMITTAL TYPE Vulnerability SEVERITY Normal RISK 3 (Normal: 0-7 Urgent: 8-9 Critical: 10) INDUSTRY TYPE DATE/TIME REPORTED 10/09/2003 21:24:04 GMT EVENT SUBJECT CISCO LEAP Dictionary Attack EVENT SUMMARY CISCO's Light Extensible Authentication Protocol (LEAP) is vulnerable to remote dictionary attacks. The LEAP authentication protocol is used for Remote Authentication Dial-in User Service (RADIUS) server. It is designed to provide better security than WEP. EVENT DESCRIPTION The exploit takes advantage of new methods of reducing the complexity of a dictionary attack. LEAP is based on the flawed MS-CHAPv2 protocol, which is relatively easier to crack than other authentication protocols. This attack was presented at DEFCON 11 last August. The exploit itself was published October 3. Vulnerability previously reported in the SAFE Architecture White Paper on Wireless LAN Security, section Standard EAP with TKIP WLAN (December 2001): http://www.cisco.com/application/pdf/en/us/guest/netsol/ns314/c654/ccmigrati on_09186a008009c8b3.pdf References: http://www.cisco.com/warp/public/707/cisco-sn-20030802-leap.shtml http://securitytracker.com/alerts/2003/Aug/1007370.html Risk Explanation: An exploit has been published, that brute forces Microsoft's Active Directory authentication used in conjunction with the Cisco LEAP authentication on Cisco wireless access points. Cisco has provided mitigation procedures, and strong password policies will make this attack more difficult. HOW DETECTED ISAC Advisory CATEGORIES RECOMMENDATIONS Vendor recommends implementing procedures documented in the 802.11 Wire-less LAN Security White Paper, Section 5.2, Cisco LEAP Deployment: http://www.cisco.com/en/US/netsol/ns110/ns175/ns176/ns178/networking_solutio ns_white_paper09186a00800b469f.shtml 1. Review organization's security policies, specifically password and account management policies. 2. Implement strong passwords and password expiration requirements. CORRECTIVE ACTION http://www.cisco.com/warp/public/707/cisco-sn-20030802-leap.shtml LESSONS LEARNED HARDWARE OPERATING SYSTEMS IOS PLATFORMS Miscellaneous APPLICATIONS IMPACT ON IT Remote user gains system access
