Vulnerabilities > CVE-2003-1096 - Unspecified vulnerability in Cisco Leap

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

cisco

critical

exploit available

NVD

Published: 2003-12-31

Updated: 2017-07-11

Summary

The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Leap *	1

Exploit-Db

description	Cisco LEAP Password Disclosure Weakness. CVE-2003-1096 . Remote exploit for hardware platform
id	EDB-ID:23212
last seen	2016-02-02
modified	2003-10-03
published	2003-10-03
reporter	Cisco Security
source	https://www.exploit-db.com/download/23212/
title	Cisco LEAP Password Disclosure Weakness

References

http://marc.info/?l=bugtraq&m=108135227731965&w=2
http://www.cisco.com/warp/public/707/cisco-sn-20030802-leap.shtml
http://www.kb.cert.org/vuls/id/473108
http://www.osvdb.org/15209
http://www.securityfocus.com/archive/1/340119
http://www.securityfocus.com/archive/1/340365
http://www.securityfocus.com/bid/8755
https://exchange.xforce.ibmcloud.com/vulnerabilities/12804