[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Apple and Wifi Hotspot Credentials Management Vulnerability



This vulnerability was published to the OWASP Mobile Security list as
a research paper by Andreas Kurtz, Daniel Metz and Felix Freiling. See
"Cracking iOS personal hotspots using a Scrabble crossword game word
list," http://lists.owasp.org/pipermail/owasp-mobile-security-project/2013-June/000640.html.

It appears Apple Wifi hotspot passwords are generated using a wordlist
consisting of 1842 words. The authors built a customer cracker to aide
in recovery of the Wifi hotspot passwords.

The paper's homepage can be found at https://www1.cs.fau.de/hotspot.
The paper does not offer a CWE classification or CVE at this point in
time.