Project

General

Profile

Actions

Bug #3034

closed

Security FLAW in pfSense Wireless Found

Added by Steven Anderson almost 11 years ago. Updated almost 11 years ago.

Status:
Resolved
Priority:
Urgent
Assignee:
-
Category:
Wireless
Target version:
Start date:
06/09/2013
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.1
Affected Architecture:

Description

I have found a security flaw in pfSense wireless. If you enable WPA2 for security and use a password for the pre shared key that is too long the security appears to be enabled but anyone connecting to the wireless network can access the wireless network without entering a password. No warning is given in the web configurator admin panel and it appears to be enabled. But on the wireless side of things No authentication is displayed.

Work Around: Use shorter passwords.

Actions

Also available in: Atom PDF