Vulnerabilities > CVE-2005-4697 - Information Disclosure vulnerability in Microsoft Windows Wireless Zero Configuration Service
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 4 |
References
- http://archives.neohapsis.com/archives/bugtraq/2005-10/0016.html
- http://secunia.com/advisories/17064
- http://securityreason.com/securityalert/46
- http://www.osvdb.org/19873
- http://www.securityfocus.com/bid/15008
- http://www.soonerorlater.hu/index.khtml?article_id=62
- http://www.vupen.com/english/advisories/2005/1970
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22524