Vulnerability Description
Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| FreeBSD | FreeBSD | 6.0 |
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:05.80211.asc
- http://kernelwars.blogspot.com/2007/01/alive.html
- http://secunia.com/advisories/18353 (Patch, Vendor Advisory)
- http://securitytracker.com/id?1015518
- http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson
- http://www.osvdb.org/22537
- http://www.securityfocus.com/bid/16296 (Patch)
- http://www.signedness.org/advisories/sps-0x1.txt (Vendor Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24192
FAQ
What is CVE-2006-0226?
CVE-2006-0226 is a vulnerability with a CVSS score of 10.0 (HIGH). Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcast...
How severe is CVE-2006-0226?
CVE-2006-0226 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2006-0226?
Check the references section above for vendor advisories and patch information. Affected products include: FreeBSD.