Wireless Vulnerabilities & Exploits
Wireless Vulnerabilities & Exploits
WVE ID: WVE-2005-0049
Type: Vulnerability
Status: Candidate
Classification:
Denial of Service
Design Flaw
Description:
802.11 networks utilizing 802.1x for authentication can be vulnerable to DoS attacks that involve flooding an AP with EAPoL-Start messages.
Discussion:
The Extensible Authentication Protocol (EAP) is an extension to PPP which provides a general frame work to allow a connection to be authenticated. It itself does not specify the authentication mechanism. The IEEE created the 802.1x standard in order to allow EAP to be used on IEEE 802 networks.
When a device wishes to connect to an 802.1x authenticated network, it must send an EAPoL-Start (EAP over LAN) message to the AP to initiate the authentication process. This causes the AP to allocate some resources for the authentication transaction. Thus, an attacker can flood the AP with EAPoL-Start messages and cause it to exhaust its resources and disrupt wireless LAN service.
Credits
References
URL:
http://standards.ieee.org/getieee802/download/802.1X-2004.pdf
URL:
http://standards.ieee.org/getieee802/download/802.11i-2004.pdf
Released: 2000-01-01
Submitter
Andrew
Lockhart
(alockhart@networkchemistry.com)
: Network Chemistry
Submitted: Wed Nov 30 14:08:18 -0800 2005
Candidate Date: Wed Nov 30 14:08:59 -0800 2005
