Vulnerability Description
The Microsoft Wireless Zero Configuration system (WZCS) stores WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers with access to process memory to steal the keys and access the network.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Xp | All versions |
References
- http://archives.neohapsis.com/archives/bugtraq/2005-10/0016.htmlVendor Advisory
- http://secunia.com/advisories/17064Vendor Advisory
- http://securityreason.com/securityalert/46
- http://www.osvdb.org/19873
- http://www.securityfocus.com/bid/15008Exploit
- http://www.soonerorlater.hu/index.khtml?article_id=62Vendor Advisory
- http://www.vupen.com/english/advisories/2005/1970
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22524
- https://www.exploit-db.com/exploits/26323/
- http://archives.neohapsis.com/archives/bugtraq/2005-10/0016.htmlVendor Advisory
- http://secunia.com/advisories/17064Vendor Advisory
- http://securityreason.com/securityalert/46
- http://www.osvdb.org/19873
- http://www.securityfocus.com/bid/15008Exploit
- http://www.soonerorlater.hu/index.khtml?article_id=62Vendor Advisory
FAQ
What is CVE-2005-4696?
CVE-2005-4696 is a vulnerability with a CVSS score of 2.1 (LOW). The Microsoft Wireless Zero Configuration system (WZCS) stores WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers...
How severe is CVE-2005-4696?
CVE-2005-4696 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4696?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows Xp.