Proxim's WEP Gap
Danish security firm Secunia has posted an advisory about a potential security issue with some of Proxim Wireless Corp. 's enterprise wireless LAN access points.
Secunia says that the problem is caused by "the presence of a static WEP key set to '12345.' This can be exploited to bypass the 802.1x authentication and gain access to network resources."
The Wired Equivalent Privacy (WEP) protocol has caused much of the trash-talking about enterprise wireless LAN security over the last few years and has largely been replaced by protocols like WiFi Protected Access 2 (WPA2), which is based on 802.11i. [Ed note: Confused yet?] At this time it's not entirely clear how serious a threat this vulnerability is. Secunia describes it as "moderately critical" and says that access points in Proxim's AP-600, AP-700, AP-2000, and AP-4000 ranges are at risk. While Secunia also reports that Proxim has patches ready for the fix, the firm itself has not returned calls to confirm or deny the security issue.
Proxim was until recently the firm the third largest vendor in the enterprise WLAN market, so there could be a lot of network administrators patchin' things up with Proxim in the near future.
— Dan Jones, Site Editor, Unstrung