First published: Sat Dec 31 2005(Updated: )
The Microsoft Wireless Zero Configuration system (WZCS) stores WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers with access to process memory to steal the keys and access the network.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows XP | =gold | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows XP | =sp2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2005-4696 is considered a high severity vulnerability due to its potential to expose sensitive network keys.
To mitigate CVE-2005-4696, users should upgrade their operating system to a version that does not have this vulnerability, as it specifically affects certain versions of Windows XP.
CVE-2005-4696 affects users of Microsoft Windows XP, particularly those running gold or Service Pack 2 versions across multiple editions.
The potential impact of CVE-2005-4696 includes unauthorized access to the wireless network by attackers who can extract stored keys from memory.
There are no effective workarounds for CVE-2005-4696 other than applying system updates or moving to a supported operating system.