VULHUB ™

ORiNOCO is a Lucent Wireless Network solution, designed to provide access to clients via a network of wireless connections that can be either left open to allow members to freely join, or closed to provide access control. A problem in the design of the ORiNOCO implementation produced by Lucent could allow unauthorized users access to access controlled networks. When access control is imposed on ORiNOCO networks, the password used transmited by serveral devices in plain text. This password functions as a shared secret among all hosts that function as nodes on the network. However, the implementation of some devices on the network make the shared secret password freely available in network management messages. Therefore, it is possible for a for a user with access to the network to monitor the network, and upon gaining the shared secret, gain access to the network as a node.

ORiNOCO is a Lucent Wireless Network solution, designed to provide access to clients via a network of wireless connections that can be either left open to allow members to freely join, or closed to provide access control. A problem in the design of the ORiNOCO implementation produced by Lucent could allow unauthorized users access to access controlled networks. When access control is imposed on ORiNOCO networks, the password used transmited by serveral devices in plain text. This password functions as a shared secret among all hosts that function as nodes on the network. However, the implementation of some devices on the network make the shared secret password freely available in network management messages. Therefore, it is possible for a for a user with access to the network to monitor the network, and upon gaining the shared secret, gain access to the network as a node.