Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.
References
Link | Resource |
---|---|
http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py | |
http://secunia.com/advisories/39150 | Vendor Advisory |
http://secunia.com/advisories/55053 | Vendor Advisory |
http://security.gentoo.org/glsa/glsa-201310-06.xml | Vendor Advisory |
http://svn.aircrack-ng.org/trunk/ChangeLog |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2013-10-28T22:00:00Z
Updated: 2013-10-28T22:00:00Z
Reserved: 2010-03-29T00:00:00Z
Link: CVE-2010-1159
JSON object: View
NVD Information
Status : Analyzed
Published: 2013-10-28T22:55:03.227
Modified: 2013-10-29T20:53:40.617
Link: CVE-2010-1159
JSON object: View
Redhat Information
No data.
CWE