CVE-2010-1159

UNKNOWN

Multiple heap-based buffer overflows in Aircrack-ng before 1

Published Oct 28, 2013

Modified 1 years ago

Details

Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.

References

WEB

http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py

ADVISORY

http://secunia.com/advisories/39150

ADVISORY

http://secunia.com/advisories/55053

ADVISORY

http://security.gentoo.org/glsa/glsa-201310-06.xml

WEB

http://svn.aircrack-ng.org/trunk/ChangeLog

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2010-1159

CVSS Analysis

CVSS v2.0

6.8

Exploitability

Access Vector

NetworkAV:N

Access Complexity

MediumAC:M

Authentication

NoneAu:N

Impact

Confidentiality

PartialC:P

Integrity

PartialI:P

Availability

PartialA:P

6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P

Ecosystems

Timeline

PublishedOct 28, 2013

ModifiedAug 7, 2024