Microsoft Windows XP Wireless Zero Configuration service information disclosure
win-xp-wzcs-information-disclosure (22524)
Description:
Microsoft Windows could allow a local attacker to obtain sensitive information because of a vulnerability in the Wireless Zero Configuration service. A local attacker could exploit this vulnerability to obtain sensitive information, including SSIDs and WEP keys.
Consequences:
Obtain Information
Remedy:
No remedy available as of July 9, 2011.
References:
- BugTraq Mailing List, Fri Aug 19 2005 - 11:30:24 CDT: WZCS vulnerabilities.
- BID-15008: Microsoft Windows Wireless Zero Configuration Service Information Disclosure Vulnerability
- CVE-2005-4696: The Microsoft Wireless Zero Configuration system (WZCS) stores WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers with access to process memory to steal the keys and access the network.
- CVE-2005-4697: The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll.
- OSVDB ID: 19873: Microsoft Windows XP Wireless Zero Configuration Credential/Key Disclosure
- SA17064: Microsoft Windows XP Wireless Zero Configuration Wireless Profile Disclosure
- VUPEN/ADV-2005-1970: Microsoft Windows Wireless Zero Configuration Information Disclosure
Platforms Affected:
- Microsoft Windows XP SP2 Home
- Microsoft Windows XP SP2 Professional
Reported:
Oct 04, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
