Vulnerability Description
Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aircrack-Ng | Aircrack-Ng | <= 1.0 |
| Gentoo | Linux | All versions |
Related Weaknesses (CWE)
References
- http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py
- http://secunia.com/advisories/39150Vendor Advisory
- http://secunia.com/advisories/55053Vendor Advisory
- http://security.gentoo.org/glsa/glsa-201310-06.xmlVendor Advisory
- http://svn.aircrack-ng.org/trunk/ChangeLog
- http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py
- http://secunia.com/advisories/39150Vendor Advisory
- http://secunia.com/advisories/55053Vendor Advisory
- http://security.gentoo.org/glsa/glsa-201310-06.xmlVendor Advisory
- http://svn.aircrack-ng.org/trunk/ChangeLog
FAQ
What is CVE-2010-1159?
CVE-2010-1159 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or...
How severe is CVE-2010-1159?
CVE-2010-1159 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1159?
Check the references section above for vendor advisories and patch information. Affected products include: Aircrack-Ng Aircrack-Ng, Gentoo Linux.