http://www.wirelessve.org/ 10 most recent WVE entries en editors@wirelessve.org webmaster@wirelessve.org Tue, 13 May 2008 23:28:51 GMT Thu, 10 Apr 2008 02:15:03 GMT http://blogs.law.harvard.edu/tech/rss http://www.wirelessve.org/entries/show/WVE-2008-0007 The A5/1 cipher is vulnerable to an offline key-state attack that allows an attacker to decrypt encrypted information without key knowledge. A5/1 is leveraged by cellular GSM networks to protect voice conversations and SMS messages. Thu, 10 Apr 2008 02:15:03 GMT http://www.wirelessve.org/entries/show/WVE-2008-0007 http://www.wirelessve.org/entries/rss http://www.wirelessve.org/entries/show/WVE-2008-0006 Block acknowledgment window manipulation allows an attacker to mount a DoS attack against 802.11n clients. Thu, 10 Apr 2008 02:14:42 GMT http://www.wirelessve.org/entries/show/WVE-2008-0006 http://www.wirelessve.org/entries/rss http://www.wirelessve.org/entries/show/WVE-2008-0005 An optional technology in the 802.11n specification known as Greenfield Mode allows rogue AP devices to evade wireless intrusion detection systems based on pre-802.11n technology. Thu, 10 Apr 2008 02:14:28 GMT http://www.wirelessve.org/entries/show/WVE-2008-0005 http://www.wirelessve.org/entries/rss http://www.wirelessve.org/entries/show/WVE-2008-0004 In Draft 2.0 IEEE 802.11n 2.4 GHz networks, an unauthenticated client can degrade network performance by forcing all devices to revert from 40 MHz to 20 MHz mode. Wed, 09 Apr 2008 22:30:51 GMT http://www.wirelessve.org/entries/show/WVE-2008-0004 http://www.wirelessve.org/entries/rss http://www.wirelessve.org/entries/show/WVE-2008-0003 Sidejacking is a mechanism to gain unauthorized access to web-based applications that transmit session cookies in plaintext following SSL-based authentication. Wed, 02 Apr 2008 19:23:17 GMT http://www.wirelessve.org/entries/show/WVE-2008-0003 http://www.wirelessve.org/entries/rss http://www.wirelessve.org/entries/show/WVE-2008-0002 ZiPhone is a jail-breaking tool allowing users to run unsanctioned applications on the iPhone. Wed, 02 Apr 2008 13:49:47 GMT http://www.wirelessve.org/entries/show/WVE-2008-0002 http://www.wirelessve.org/entries/rss http://www.wirelessve.org/entries/show/WVE-2008-0001 Distributed RADIUS deployments threaten the secure delivery of key content such as the 802.11i Pairwise Master Key due to the weak security applied to protect RADIUS frames. Fri, 21 Mar 2008 13:12:14 GMT http://www.wirelessve.org/entries/show/WVE-2008-0001 http://www.wirelessve.org/entries/rss http://www.wirelessve.org/entries/show/WVE-2007-0020 Backtrack is a live Linux distribution designed to be run from a CD, DVD or USB drive. Backtrack includes multiple wireless exploit tools, configured to simplify the process of exploiting wireless networks. Fri, 21 Mar 2008 13:11:34 GMT http://www.wirelessve.org/entries/show/WVE-2007-0020 http://www.wirelessve.org/entries/rss http://www.wirelessve.org/entries/show/WVE-2007-0019 Airoscript is a shell script designed to interact with the Aicrack-ng toolkit, simplifying the process of attacking WEP and WPA networks. Fri, 21 Mar 2008 13:08:29 GMT http://www.wirelessve.org/entries/show/WVE-2007-0019 http://www.wirelessve.org/entries/rss http://www.wirelessve.org/entries/show/WVE-2007-0018 Airoway.sh is a shell script to aid in WEP cracking, making it simple for an attacker to evaluate the wireless environment, select a vulnerable network, attempt to connect to the network and recover WEP encryption keys. Fri, 21 Mar 2008 13:04:51 GMT http://www.wirelessve.org/entries/show/WVE-2007-0018 http://www.wirelessve.org/entries/rss