microsoft windows_mobile WLAN trust management access vulnerability

Vulnerability ID 1185006 Vulnerability Type Trust Management
Published 2008-10-13 Updated 2008-10-13
CVE ID CVE-2008-4540 CNNVD-ID CNNVD-200810-180
Affected Platform N/A CVSS Score 2.1
|Vulnerability Source
https://www.securityfocus.com/bid/84764
https://cxsecurity.com/issue/WLB-2008100030
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200810-180
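|Vulnerability Details
Windows Mobile 6 on the HTC Hermes device exposes the WLAN password through an auto-completion mechanism for password input fields, which allows an attacker with physical access to the device to bypass password restrictions and gain WLAN access.
|Vulnerability EXP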
hi list,

I noticed on my HTC Hermes with latest available WM6 (not 6.1!), that
after I entered the password for my WLAN, auto-completion knows the
phrase and suggests my WLAN-password for almost any input-field.
Further, the memory for password storage is way too small. I can enter
my whole password (auto-completion shows it correctly) but I still
can't connect. If I re-enter the settings, I get shown only 17 dots.
But this isn't enough for my password.

any1 can see the same behavior on his device?
|Affected Products
Microsoft Windows Mobile 6.0
|References

Source: XF
Name: windowsmobile-hermes-security-bypass(45857)
Link: http://xforce.iss.net/xforce/xfdb/45857
Source: BUGTRAQ
Name: 20081008 Windows Mobile 6 insecure password handling and too short WLAN-password
Link: http://www.securityfocus.com/archive/1/archive/1/497151/100/0/threaded
Source: SREASON
Name: 4402
Link: http://securityreason.com/securityalert/4402