Project

General

Profile

Actions

Bug #3034

closed

Security FLAW in pfSense Wireless Found

Added by Steven Anderson over 8 years ago. Updated over 8 years ago.

Status:
Resolved
Priority:
Urgent
Assignee:
-
Category:
Wireless
Target version:
Start date:
06/09/2013
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.1
Affected Architecture:

Description

I have found a security flaw in pfSense wireless. If you enable WPA2 for security and use a password for the pre shared key that is too long the security appears to be enabled but anyone connecting to the wireless network can access the wireless network without entering a password. No warning is given in the web configurator admin panel and it appears to be enabled. But on the wireless side of things No authentication is displayed.

Work Around: Use shorter passwords.

Actions #1

Updated by Renato Botelho over 8 years ago

What is the length of the password you got the issue?

Actions #2

Updated by Renato Botelho over 8 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions #5

Updated by Renato Botelho over 8 years ago

  • Status changed from Feedback to Resolved
Actions

Also available in: Atom PDF