Description
The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Cisco Security · textremotehardware
https://www.exploit-db.com/exploits/23212
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/340119
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/340365
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/15209
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108135227731965&w=2
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/8755
Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/warp/public/707/cisco-sn-20030802-leap.shtml
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/473108
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/12804
Scores
EPSS
0.5449
EPSS Percentile
98.0%
Details
Status
published
Products (1)
cisco/leap
Published
Dec 31, 2003
Tracked Since
Feb 18, 2026