Menu

Database

Authentication Frame DoS

WVE ID: WVE-2005-0048

Type: Vulnerability

Status: Candidate

Classification:
Denial of Service
Design Flaw

Description:
802.11 Access Points are vulnerable to DoS attacks that involve sending Authentication frames to the AP from multiple spoofed station addresses.

Discussion:
802.11 networks utilize frames to manage connection and disconnection of stations from a wireless network. These are appropriately called management frames. One type of management frame, an authentication frame is used to authenticate a station with an AP before the station proceeds to associate with the wireless network.

However, a problem arises in that 802.11 management frames provide no authentication. Hence it is possible for an attacker to spoof a large number of stations and send out authentication frames for each spoofed station. Doing so can cause the AP's association table to fill which can cause the AP to lock-up.

Credits

References
WVE: WVE-2005-0019
URL: http://standards.ieee.org/getieee802/download/802.11-1999.pdf

Released: 2000-01-01

Submitter
Andrew Lockhart (alockhart@networkchemistry.com) : Network Chemistry

Submitted: Wed Nov 30 13:17:58 -0800 2005

Candidate Date: Wed Nov 30 13:19:36 -0800 2005


Recent Entries

Auto Immune Attack
WVE-2008-0011 9/17/2008
Marvell Null SSID Association Request
WVE-2008-0010 9/15/2008
Marvell EAPOL-Key Length Overflow
WVE-2008-0009 9/15/2008
Atheros IE Tag Overflow
WVE-2008-0008 9/15/2008
Weaknesses in the A5/1 Cipher
WVE-2008-0007 4/9/2008
Block ACK DoS
WVE-2008-0006 4/9/2008
GF Mode WIDS Rogue AP Evasion
WVE-2008-0005 4/9/2008
HT Intolerant Degradation of Service
WVE-2008-0004 4/9/2008
Sidejacking
WVE-2008-0003 4/2/2008
ZiPhone
WVE-2008-0002 4/2/2008
More Entries...

News

SANS Institute Sponsors WVE
4/19/2008
Wireless Attackers and Honeypot Technology
4/15/2008
High Speed Risks in 802.11n Slides Posted
4/11/2008
Vulnerabilities in 802.11n
4/9/2008
WVE Editors Speaking at SHARKFEST.08
1/3/2008
More News...