Old CNN article on 802.11 weakness
A University of Maryland professor and his graduate student have apparently uncovered serious weaknesses in the next-generation Wi-Fi (Wireless Fidelity) security protocol known as 802.1x.
A session hijacking can occur because of the so-called race conditions between the 802.1x and 802.11 state machines. Arbaugh uses the analogy of a thief and a store owner racing for the front door at the same time. If the owner gets there first he locks the thief out, if the thief gets there first he steals everything. Because the client and the AP aren’t synchronized, “loose consistency,” the thief can tell the owner/client to go away and the AP still thinks he is there.
http://slashdot.org/article.pl?sid=01/02/15/1745204&mode=thread