Beware Vulnerable Cisco WAP Configurations

Users of a popular Cisco Systems wireless access point may be setting themselves up for trouble if they leave a WPA wireless migration feature enabled, according to Core Security Technologies.

Cisco’s Aironet 1200 Series Access Point, which is used to power centrally managed wireless LANs, can be set to a WPA (Wi-Fi Protected Access) migration mode. This mode provides wireless access for devices that use either the insecure WEP (Wired Equivalent Privacy) protocol or the more secure WPA standard, giving companies a way to gradually move from WEP to WPA without immediately buying all-new, WPA-capable equipment.

While auditing the network of a customer who used the product, Core researchers discovered that even networks that had stopped using WEP devices could still be vulnerable, so long as the Aironet’s migration mode was still enabled. Researchers were able to force the access point to issue WEP broadcast packets, which they then used to crack the encryption key and gain access to the network.

If you use the Aironet 1200 and similar devices on your network, best be checking and tightening up those configs!
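One way to do that check across saved access point configurations is sketched below. This is an added example, not code from Core Security or Cisco; the sample configs are constructed, and the command syntax it matches (`authentication key-management wpa optional`, `encryption mode ciphers tkip wep128`) is an assumption based on Cisco IOS autonomous-AP conventions, so confirm it against your own devices' output.

```python
import re

# Constructed sample configs, not taken from the article. The command syntax
# is an assumption based on Cisco IOS autonomous-AP conventions.
MIGRATION_CONFIG = """\
dot11 ssid CORP
   authentication open
   authentication key-management wpa optional
!
interface Dot11Radio0
 encryption mode ciphers tkip wep128
 ssid CORP
!
"""
WPA_ONLY_CONFIG = MIGRATION_CONFIG.replace("wpa optional", "wpa").replace(
    "tkip wep128", "tkip")

CIPHER_RE = re.compile(r"^encryption (?:vlan \d+ )?mode ciphers (.+)$")
KEYMGMT_RE = re.compile(r"^authentication key-management wpa optional\b")

def audit(config_text):
    """Return (kind, block, line) for each setting that permits WEP clients."""
    findings, block = [], None
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        if not raw[0].isspace():      # unindented line opens a new block
            block = line
            continue
        m = CIPHER_RE.match(line)
        if m:
            ciphers = set(m.group(1).split())
            # A suite mixing TKIP with WEP keeps WEP traffic possible.
            if "tkip" in ciphers and ciphers & {"wep40", "wep128"}:
                findings.append(("cipher", block, line))
        elif KEYMGMT_RE.match(line):  # WPA offered but not required
            findings.append(("keymgmt", block, line))
    return findings

def migration_mode_enabled(config_text):
    """Migration mode needs both the mixed suite and optional WPA."""
    return {"cipher", "keymgmt"} <= {kind for kind, _, _ in audit(config_text)}

if __name__ == "__main__":
    for name, cfg in (("migration", MIGRATION_CONFIG), ("wpa-only", WPA_ONLY_CONFIG)):
        print(name, migration_mode_enabled(cfg), audit(cfg))
```

Each finding names the config block and the offending line, so the result can be used directly as a remediation list.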

Network World