Kismet Server Information Disclosure

medium Nessus Plugin ID 33257

Synopsis

It is possible to collect information from the remote wireless monitoring service.

Description

The remote host is running a Kismet server and allows clients to use it to monitor wireless activity. An anonymous attacker may use the information collected to gain a better understanding of your network.

Solution

Limit incoming traffic to this port if desired and, if appropriate, don't allow clients to list WEP keys.

See Also

http://svn.kismetwireless.net/code/trunk/docs/DEVEL.client

Plugin Details

Severity: Medium

ID: 33257

File Name: kismet_server_info.nasl

Version: Revision: 1.6

Type: remote

Family: Misc.

Published: 6/25/2008

Updated: 1/25/2013

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N