Details of VAR-200205-0116

ID

VAR-200205-0116

CVE

CVE-2002-0214

TITLE

Compaq Intel PRO/Wireless 2011B local area network USB Device Driver Information Disclosure Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200205-015

DESCRIPTION

Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key. Compaq's Intel PRO/Wireless 2011B LAN USB Device driver allows a user to connect a number of supported WLAN Ethernet devices via a USB port. It runs on Microsoft Windows platforms that support USB, such as Windows 98/ME/2000. The Compaq Intel PRO/Wireless 2011B LAN USB Device driver may disclose sensitive information to local attackers. The WEP Key may be used by the local attacker to decrypt all network traffic encapsulated in WEP

Trust: 1.26

sources: NVD: CVE-2002-0214 // BID: 3968 // VULHUB: VHN-4607

AFFECTED PRODUCTS

vendor:	intel	model:	pro wireless 2011b lan usb device driver	scope:	eq	version:	1.5.18.0	Trust: 1.6
vendor:	intel	model:	pro wireless 2011b lan usb device driver	scope:	eq	version:	1.5.16.0	Trust: 1.6
vendor:	compaq	model:	intel pro/wireless 2011b lan usb device driver	scope:	eq	version:	1.5.18.0	Trust: 0.3
vendor:	compaq	model:	intel pro/wireless 2011b lan usb device driver	scope:	eq	version:	1.5.16.0	Trust: 0.3

sources: BID: 3968 // CNNVD: CNNVD-200205-015 // NVD: CVE-2002-0214

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-0214
value:	LOW
Trust: 1.0
CNNVD:	CNNVD-200205-015
value:	LOW
Trust: 0.6
VULHUB:	VHN-4607
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2002-0214
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-4607
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-4607 // CNNVD: CNNVD-200205-015 // NVD: CVE-2002-0214

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0214

THREAT TYPE

local

Trust: 0.9

sources: BID: 3968 // CNNVD: CNNVD-200205-015

TYPE

Design Error

Trust: 0.9

sources: BID: 3968 // CNNVD: CNNVD-200205-015

EXTERNAL IDS

db:	BID	id:	3968	Trust: 2.0
db:	NVD	id:	CVE-2002-0214	Trust: 2.0
db:	CNNVD	id:	CNNVD-200205-015	Trust: 0.7
db:	BUGTRAQ	id:	20020128 INTEL WLAN DRIVER STORING 128BIT WEP-KEY IN PLAIN TEXT!	Trust: 0.6
db:	XF	id:	8015	Trust: 0.6
db:	VULHUB	id:	VHN-4607	Trust: 0.1

sources: VULHUB: VHN-4607 // BID: 3968 // CNNVD: CNNVD-200205-015 // NVD: CVE-2002-0214

REFERENCES

url:	http://www.securityfocus.com/bid/3968	Trust: 1.7
url:	http://online.securityfocus.com/archive/1/252607	Trust: 1.7
url:	http://www.iss.net/security_center/static/8015.php	Trust: 1.7
url:	http://www.compaq.com/support/files/	Trust: 0.3
url:	http://support.intel.com/support/network/wireless/pro2011b/usb/index.htm	Trust: 0.3

sources: VULHUB: VHN-4607 // BID: 3968 // CNNVD: CNNVD-200205-015 // NVD: CVE-2002-0214

CREDITS

dario luethi※ dlu@remote-exploit.org

Trust: 0.6

sources: CNNVD: CNNVD-200205-015

SOURCES

db:	VULHUB	id:	VHN-4607
db:	BID	id:	3968
db:	CNNVD	id:	CNNVD-200205-015
db:	NVD	id:	CVE-2002-0214

LAST UPDATE DATE

2025-04-03T22:33:14.597000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-4607	date:	2008-09-11T00:00:00
db:	BID	id:	3968	date:	2009-07-11T09:56:00
db:	CNNVD	id:	CNNVD-200205-015	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2002-0214	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-4607	date:	2002-05-16T00:00:00
db:	BID	id:	3968	date:	2002-01-28T00:00:00
db:	CNNVD	id:	CNNVD-200205-015	date:	2002-01-28T00:00:00
db:	NVD	id:	CVE-2002-0214	date:	2002-05-16T04:00:00