Vulnerabilites related to aircrack-ng - aircrack-ng
CVE-2014-8323 (GCVE-0-2014-8323)
Vulnerability from cvelistv5
Published
2017-10-17 14:00
Modified
2024-08-06 13:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:51.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"name": "GLSA-201411-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201411-08.xml"
},
{
"name": "FEDORA-2014-14247",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html"
},
{
"name": "FEDORA-2014-14283",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html"
},
{
"name": "FEDORA-2014-14233",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/da087238963c1239fdabd47dc1b65279605aca70"
},
{
"name": "20141101 Aircrack-ng 1.2 Beta 3\" multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533869/100/0/threaded"
},
{
"name": "71085",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71085"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"name": "GLSA-201411-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201411-08.xml"
},
{
"name": "FEDORA-2014-14247",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html"
},
{
"name": "FEDORA-2014-14283",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html"
},
{
"name": "FEDORA-2014-14233",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/da087238963c1239fdabd47dc1b65279605aca70"
},
{
"name": "20141101 Aircrack-ng 1.2 Beta 3\" multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533869/100/0/threaded"
},
{
"name": "71085",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71085"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html",
"refsource": "CONFIRM",
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"name": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"name": "GLSA-201411-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201411-08.xml"
},
{
"name": "FEDORA-2014-14247",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html"
},
{
"name": "FEDORA-2014-14283",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html"
},
{
"name": "FEDORA-2014-14233",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html"
},
{
"name": "https://github.com/aircrack-ng/aircrack-ng/commit/da087238963c1239fdabd47dc1b65279605aca70",
"refsource": "CONFIRM",
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/da087238963c1239fdabd47dc1b65279605aca70"
},
{
"name": "20141101 Aircrack-ng 1.2 Beta 3\" multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533869/100/0/threaded"
},
{
"name": "71085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71085"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8323",
"datePublished": "2017-10-17T14:00:00",
"dateReserved": "2014-10-17T00:00:00",
"dateUpdated": "2024-08-06T13:10:51.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8321 (GCVE-0-2014-8321)
Vulnerability from cvelistv5
Published
2020-01-31 21:21
Modified
2024-08-06 13:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:50.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/pull/13"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98458"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-31T21:21:20",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/pull/13"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98458"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html",
"refsource": "CONFIRM",
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"name": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"name": "https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5/",
"refsource": "CONFIRM",
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5/"
},
{
"name": "https://github.com/aircrack-ng/aircrack-ng/pull/13",
"refsource": "MISC",
"url": "https://github.com/aircrack-ng/aircrack-ng/pull/13"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98458",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98458"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8321",
"datePublished": "2020-01-31T21:21:21",
"dateReserved": "2014-10-17T00:00:00",
"dateUpdated": "2024-08-06T13:10:50.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8322 (GCVE-0-2014-8322)
Vulnerability from cvelistv5
Published
2020-01-31 21:21
Modified
2024-08-06 13:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:51.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/091b153f294b9b695b0b2831e65936438b550d7b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/35018"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/pull/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-31T21:21:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/091b153f294b9b695b0b2831e65936438b550d7b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.exploit-db.com/exploits/35018"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/pull/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98459"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html",
"refsource": "CONFIRM",
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"name": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"name": "https://github.com/aircrack-ng/aircrack-ng/commit/091b153f294b9b695b0b2831e65936438b550d7b",
"refsource": "CONFIRM",
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/091b153f294b9b695b0b2831e65936438b550d7b"
},
{
"name": "http://www.exploit-db.com/exploits/35018",
"refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/35018"
},
{
"name": "https://github.com/aircrack-ng/aircrack-ng/pull/14",
"refsource": "MISC",
"url": "https://github.com/aircrack-ng/aircrack-ng/pull/14"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98459",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98459"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8322",
"datePublished": "2020-01-31T21:21:25",
"dateReserved": "2014-10-17T00:00:00",
"dateUpdated": "2024-08-06T13:10:51.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8324 (GCVE-0-2014-8324)
Vulnerability from cvelistv5
Published
2017-10-17 14:00
Modified
2024-08-06 13:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:51.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"name": "GLSA-201411-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201411-08.xml"
},
{
"name": "FEDORA-2014-14247",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html"
},
{
"name": "FEDORA-2014-14283",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/88702a3ce4c28a973bf69023cd0312f412f6193e"
},
{
"name": "FEDORA-2014-14233",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html"
},
{
"name": "20141101 Aircrack-ng 1.2 Beta 3\" multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533869/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"name": "GLSA-201411-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201411-08.xml"
},
{
"name": "FEDORA-2014-14247",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html"
},
{
"name": "FEDORA-2014-14283",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/88702a3ce4c28a973bf69023cd0312f412f6193e"
},
{
"name": "FEDORA-2014-14233",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html"
},
{
"name": "20141101 Aircrack-ng 1.2 Beta 3\" multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533869/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html",
"refsource": "CONFIRM",
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"name": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"name": "GLSA-201411-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201411-08.xml"
},
{
"name": "FEDORA-2014-14247",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html"
},
{
"name": "FEDORA-2014-14283",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html"
},
{
"name": "https://github.com/aircrack-ng/aircrack-ng/commit/88702a3ce4c28a973bf69023cd0312f412f6193e",
"refsource": "CONFIRM",
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/88702a3ce4c28a973bf69023cd0312f412f6193e"
},
{
"name": "FEDORA-2014-14233",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html"
},
{
"name": "20141101 Aircrack-ng 1.2 Beta 3\" multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533869/100/0/threaded"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8324",
"datePublished": "2017-10-17T14:00:00",
"dateReserved": "2014-10-17T00:00:00",
"dateUpdated": "2024-08-06T13:10:51.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1159 (GCVE-0-2010-1159)
Vulnerability from cvelistv5
Published
2013-10-28 22:00
Modified
2024-08-07 01:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:14:06.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py"
},
{
"name": "GLSA-201310-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201310-06.xml"
},
{
"name": "39150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39150"
},
{
"name": "55053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55053"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.aircrack-ng.org/trunk/ChangeLog"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-28T22:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py"
},
{
"name": "GLSA-201310-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201310-06.xml"
},
{
"name": "39150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39150"
},
{
"name": "55053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55053"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.aircrack-ng.org/trunk/ChangeLog"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-1159",
"datePublished": "2013-10-28T22:00:00Z",
"dateReserved": "2010-03-29T00:00:00Z",
"dateUpdated": "2024-08-07T01:14:06.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2017-10-17 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html | Issue Tracking, Vendor Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html | Third Party Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html | Third Party Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html | Third Party Advisory | |
| cve@mitre.org | http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html | Patch, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-201411-08.xml | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/533869/100/0/threaded | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1159812 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/aircrack-ng/aircrack-ng/commit/88702a3ce4c28a973bf69023cd0312f412f6193e | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html | Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201411-08.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/533869/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1159812 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aircrack-ng/aircrack-ng/commit/88702a3ce4c28a973bf69023cd0312f412f6193e | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aircrack-ng | aircrack-ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:*:beta2:*:*:*:*:*:*",
"matchCriteriaId": "C1734B0A-A2E3-4064-A29C-FFB901C38465",
"versionEndIncluding": "1.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter."
},
{
"lang": "es",
"value": "network.c en Aircrack-ng en versiones anteriores a 1.2 Beta 3 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n) a trav\u00e9s de una respuesta con una longitud de par\u00e1metro manipulada."
}
],
"id": "CVE-2014-8324",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T14:29:00.290",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201411-08.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/533869/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/88702a3ce4c28a973bf69023cd0312f412f6193e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201411-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/533869/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/88702a3ce4c28a973bf69023cd0312f412f6193e"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-28 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py | ||
| secalert@redhat.com | http://secunia.com/advisories/39150 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/55053 | Vendor Advisory | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201310-06.xml | Vendor Advisory | |
| secalert@redhat.com | http://svn.aircrack-ng.org/trunk/ChangeLog | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/39150 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/55053 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201310-06.xml | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://svn.aircrack-ng.org/trunk/ChangeLog |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aircrack-ng | aircrack-ng | * | |
| aircrack-ng | aircrack-ng | 0.1 | |
| aircrack-ng | aircrack-ng | 0.2 | |
| aircrack-ng | aircrack-ng | 0.2.1 | |
| aircrack-ng | aircrack-ng | 0.3 | |
| aircrack-ng | aircrack-ng | 0.4 | |
| aircrack-ng | aircrack-ng | 0.4.1 | |
| aircrack-ng | aircrack-ng | 0.4.2 | |
| aircrack-ng | aircrack-ng | 0.4.3 | |
| aircrack-ng | aircrack-ng | 0.4.4 | |
| aircrack-ng | aircrack-ng | 0.5 | |
| aircrack-ng | aircrack-ng | 0.6 | |
| aircrack-ng | aircrack-ng | 0.6.1 | |
| aircrack-ng | aircrack-ng | 0.6.2 | |
| aircrack-ng | aircrack-ng | 0.7 | |
| aircrack-ng | aircrack-ng | 0.8 | |
| aircrack-ng | aircrack-ng | 0.9 | |
| aircrack-ng | aircrack-ng | 0.9.1 | |
| aircrack-ng | aircrack-ng | 0.9.2 | |
| aircrack-ng | aircrack-ng | 0.9.3 | |
| aircrack-ng | aircrack-ng | 1.0 | |
| aircrack-ng | aircrack-ng | 1.0 | |
| aircrack-ng | aircrack-ng | 1.0 | |
| aircrack-ng | aircrack-ng | 1.0 | |
| aircrack-ng | aircrack-ng | 1.0 | |
| aircrack-ng | aircrack-ng | 1.0 | |
| gentoo | linux | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEF295D-ADA4-47CE-8E46-93977D293C8A",
"versionEndIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5FC30508-83DD-466F-B430-1FD426F3B9AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEAEA911-54C4-4B44-8FC4-8204C1E516B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C552A06D-59ED-40DC-8535-DF4570C997D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3D54EE0C-858B-4D51-A155-0457CFD7BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BF421A-BF2A-4DB3-AD93-9E380C900F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6E52E207-A6FD-45EA-A454-D1C9D1F27990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D0A99E2-CE75-4DCA-AEF4-F21F80248F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDA1435-A239-4D75-96C2-C4380C3548D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F5839159-4DA2-4193-A0F2-3A7E82773241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EF568980-FC0A-470E-AD54-EFD1CA56B281",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCEBBA9-C73C-4BC3-8847-3016B70F5BCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50381F66-08AE-47B8-8823-715AD7AD835E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E571FA6-8DD1-481A-97B2-92B2848C35DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D13FE1B4-5F38-48C9-8FC8-A97199604F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF982A9-B5F6-491D-9BC5-0D1CD3ED5B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CA09C662-2D43-43BE-9749-B2E0A01B01AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "905049DC-71E4-4D40-969D-0EAE46001464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A329D311-82EA-4CA1-87C1-D1B896662E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D714F18-79DD-46E5-AD11-D0B7A5B571AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "7417668D-2946-411B-8348-B8CF14A3E3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "9E1957E1-9C0C-4A85-87E3-9492B03214C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6E2B7AC6-65FD-4EB6-95E1-AD13E36A9C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2091AA55-81BD-44CC-9E55-23C786A6DD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D091746F-6E0A-4121-BAAC-76587073FCF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "7CC4EB5C-89DF-44BF-B7D3-C13BB229C79C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de buffer basados en memoria din\u00e1mica en Aircrack-ng anteriores a 1.1 permiten a atacantes remotos causar denegaci\u00f3n de servicio (ca\u00edda) y ejecutar c\u00f3digo arbitrario a trav\u00e9s de (1) un valor grande en un paquete EAPOL o (2) un paquete EAPOL grande."
}
],
"id": "CVE-2010-1159",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-10-28T22:55:03.227",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39150"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55053"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201310-06.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://svn.aircrack-ng.org/trunk/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201310-06.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.aircrack-ng.org/trunk/ChangeLog"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-31 22:15
Modified
2024-11-21 02:18
Severity ?
Summary
Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html | Product, Release Notes, Third Party Advisory | |
| cve@mitre.org | http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.exploit-db.com/exploits/35018 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/98459 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/aircrack-ng/aircrack-ng/commit/091b153f294b9b695b0b2831e65936438b550d7b | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/aircrack-ng/aircrack-ng/pull/14 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html | Product, Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.exploit-db.com/exploits/35018 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/98459 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aircrack-ng/aircrack-ng/commit/091b153f294b9b695b0b2831e65936438b550d7b | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aircrack-ng/aircrack-ng/pull/14 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aircrack-ng | aircrack-ng | * | |
| aircrack-ng | aircrack-ng | 1.2 | |
| aircrack-ng | aircrack-ng | 1.2 | |
| aircrack-ng | aircrack-ng | 1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3589281-1252-4D05-998E-39FD6336B670",
"versionEndIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.2:beta1:*:*:*:*:*:*",
"matchCriteriaId": "74AD6A4C-E624-4B24-A841-EBCD1ADE9E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.2:beta2:*:*:*:*:*:*",
"matchCriteriaId": "FC858C42-ADCE-4C84-A3AF-E6DB015D894D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.2:beta3:*:*:*:*:*:*",
"matchCriteriaId": "26968784-4C5C-40CE-825B-4DE98C94FF7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n tcp_test en el archivo aireplay-ng.c en Aircrack-ng versiones anteriores a 1.2 RC 1, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un valor del par\u00e1metro length dise\u00f1ado."
}
],
"id": "CVE-2014-8322",
"lastModified": "2024-11-21T02:18:51.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-31T22:15:11.057",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Release Notes",
"Third Party Advisory"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/35018"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98459"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/091b153f294b9b695b0b2831e65936438b550d7b"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/pull/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Release Notes",
"Third Party Advisory"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/35018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/091b153f294b9b695b0b2831e65936438b550d7b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/pull/14"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-17 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html | Issue Tracking, Vendor Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html | Third Party Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html | Third Party Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html | Third Party Advisory | |
| cve@mitre.org | http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html | Patch, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-201411-08.xml | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/533869/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/71085 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1159812 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/aircrack-ng/aircrack-ng/commit/da087238963c1239fdabd47dc1b65279605aca70 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html | Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201411-08.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/533869/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/71085 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1159812 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aircrack-ng/aircrack-ng/commit/da087238963c1239fdabd47dc1b65279605aca70 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aircrack-ng | aircrack-ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:*:beta2:*:*:*:*:*:*",
"matchCriteriaId": "C1734B0A-A2E3-4064-A29C-FFB901C38465",
"versionEndIncluding": "1.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter."
},
{
"lang": "es",
"value": "buddy-ng.c en Aircrack-ng en versiones anteriores a la 1.2 Beta 3 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n) a trav\u00e9s de una respuesta con una longitud de par\u00e1metro manipulada."
}
],
"id": "CVE-2014-8323",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T14:29:00.227",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201411-08.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/533869/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/71085"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/da087238963c1239fdabd47dc1b65279605aca70"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201411-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/533869/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/71085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/da087238963c1239fdabd47dc1b65279605aca70"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-31 22:15
Modified
2024-11-21 02:18
Severity ?
Summary
Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html | Product, Release Notes, Third Party Advisory | |
| cve@mitre.org | http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/98458 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5/ | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/aircrack-ng/aircrack-ng/pull/13 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html | Product, Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/98458 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aircrack-ng/aircrack-ng/pull/13 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aircrack-ng | aircrack-ng | * | |
| aircrack-ng | aircrack-ng | 1.2 | |
| aircrack-ng | aircrack-ng | 1.2 | |
| aircrack-ng | aircrack-ng | 1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3589281-1252-4D05-998E-39FD6336B670",
"versionEndIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.2:beta1:*:*:*:*:*:*",
"matchCriteriaId": "74AD6A4C-E624-4B24-A841-EBCD1ADE9E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.2:beta2:*:*:*:*:*:*",
"matchCriteriaId": "FC858C42-ADCE-4C84-A3AF-E6DB015D894D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aircrack-ng:aircrack-ng:1.2:beta3:*:*:*:*:*:*",
"matchCriteriaId": "26968784-4C5C-40CE-825B-4DE98C94FF7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n gps_tracker en el archivo airodump-ng.c en Aircrack-ng versiones anteriores a 1.2 RC 1, permite a usuarios locales ejecutar c\u00f3digo arbitrario o alcanzar privilegios por medio de vectores no especificados."
}
],
"id": "CVE-2014-8321",
"lastModified": "2024-11-21T02:18:51.780",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-31T22:15:10.997",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Release Notes",
"Third Party Advisory"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98458"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/pull/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Release Notes",
"Third Party Advisory"
],
"url": "http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aircrack-ng/aircrack-ng/pull/13"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}