Vulnerabilities > CVE-2006-0376 - Remote Security vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2006-01-22

Updated: 2018-10-19

Summary

The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Windows Server 2003 does not warn the user when (1) it establishes an association with a station in ad hoc (aka peer-to-peer) mode or (2) a station in ad hoc mode establishes an association with it, which allows remote attackers to put unexpected wireless communication into place.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows 2000 * Microsoft Windows 2003 Server R2 Microsoft Windows XP *	6

References

http://securityreason.com/securityalert/349
http://securitytracker.com/id?1015489
http://www.nmrc.org/pub/advise/20060114.txt
http://www.securiteam.com/windowsntfocus/5YP0D2KHHO.html
http://www.securityfocus.com/archive/1/421868/100/0/threaded
http://www.theta44.org/karma/
https://exchange.xforce.ibmcloud.com/vulnerabilities/24157