Overview
The Yamaha MusicCAST MCX-1000 server wireless networking interface is enabled by default, cannot be disabled, and operates in Access Point mode. A remote attacker could access the MusicCAST wireless network and potentially any other network connected to the MusicCAST.
Description
The Yamaha MusicCAST MCX-1000 is a network-enabled digital audio system that has the ability to act as an 802.11b wireless access point. The wireless interface cannot be disabled, and if the wireless network card is removed, the MusicCAST will not function. If the MusicCAST is connected to a wired network, resources on that LAN may be exposed via the wireless network. While Yamaha ships MusicCASTs with unique Service Set Identifiers (SSIDs) and enables Wired Equivalent Privacy (WEP), it is possible that a reseller could configure the MusicCAST with a default, well-known SSID and disable WEP.
Impact
A remote attacker could access the MusicCAST wireless network and data stored on the MusicCAST. If the MusicCAST is connected to a wired LAN, any resources on the LAN may be exposed via the wireless network.
Solution
Upgrade the MusicCAST MCX-1000 firmware to Version Upgrade Vol. 4.1 (5.2.14a). This version allows users to disable the wireless interface, reduce SSID exposure, and enable MAC address filtering.
References
- http://www.yamaha.com/yec/products/MusicCast/index.htm
- http://www.yamaha.com/yec/products/MusicCast/idx_server.htm
- http://www.yamaha.com/yec/products/MusicCast/idx_specs.htm#server
- http://www.yamaha.com/yec/products/MusicCast/idx_updates.htm#update4_2
- http://www.yamaha.com/yec/products/MusicCast/downloads/mc_versionup4_1.pdf
Acknowledgements
Thanks to Robert Otto for reporting this vulnerability.
This document was written by Art Manion.
Other Information
CVE IDs: None
Severity Metric: 0.06
Date Public: 2005-06-07
Date First Published: 2005-06-07
Date Last Updated: 2005-06-08 16:39 UTC
Document Revision: 32