cbcvebase.
CVE-2003-1096
published 2003-12-31

CVE-2003-1096: The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote…

PriorityP349critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
10.48%
95.2th percentile
The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks.

Detection & IOCsextracted from sources · hover to see the quote

urlhttps://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23212.tar.bz2
  • Monitor for repeated LEAP authentication failures against wireless infrastructure, indicative of dictionary/brute-force attacks against Cisco LEAP challenge/response exchanges.
  • Detect offline or online brute-force attempts targeting Cisco LEAP (Lightweight Extensible Authentication Protocol) authentication, which exposes password hashes susceptible to dictionary attack.
  • ·Cisco LEAP is the vulnerable authentication protocol; organizations still deploying LEAP on wireless networks remain exposed to this credential-theft attack vector.
  • ·Successful exploitation grants unauthorized network access by recovering valid credentials, not just causing a denial of service — scope of impact extends to full network authentication bypass.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.