Vulnerability Name:

CVE-2010-1159

Assigned: 2010-03-29
Published: 2013-10-28
Updated: 2013-10-29
Summary: Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.
CVSS v3 Severity: 5.6 Medium (CCN CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity: 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:TF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
5.4 Medium (CCN CVSS v2 Vector: AV:A/AC:M/Au:N/C:P/I:P/A:P)
4.4 Medium (CCN Temporal CVSS v2 Vector: AV:A/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:TF/RC:C)
Exploitability Metrics: Access Vector (AV): Adjacent_Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type: CWE-119
References: Source: MISC
Type: UNKNOWN
http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py

Source: GENTOO
Type: VENDOR_ADVISORY
GLSA-201310-06

Source: CONFIRM
Type: UNKNOWN
http://svn.aircrack-ng.org/trunk/ChangeLog

Source: XF
Type: UNKNOWN
aircrackng-eapol-bo(57453)

Vulnerable Configuration: Configuration 1:
  • cpe:/a:aircrack-ng:aircrack-ng:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:1.0:rc4:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:1.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:1.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:1.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:1.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:1.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.9.3:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.9:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.8:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.7:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.6:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.5:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.4:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.3:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.2:*:*:*:*:*:*:*
  • OR cpe:/a:aircrack-ng:aircrack-ng:0.1:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    aircrack-ng aircrack-ng 1.0
    aircrack-ng aircrack-ng 1.0 rc4
    aircrack-ng aircrack-ng 1.0 rc3
    aircrack-ng aircrack-ng 1.0 rc2
    aircrack-ng aircrack-ng 1.0 rc1
    aircrack-ng aircrack-ng 1.0 beta2
    aircrack-ng aircrack-ng 1.0 beta1
    aircrack-ng aircrack-ng 0.9.3
    aircrack-ng aircrack-ng 0.9.2
    aircrack-ng aircrack-ng 0.9.1
    aircrack-ng aircrack-ng 0.9
    aircrack-ng aircrack-ng 0.8
    aircrack-ng aircrack-ng 0.7
    aircrack-ng aircrack-ng 0.6.2
    aircrack-ng aircrack-ng 0.6.1
    aircrack-ng aircrack-ng 0.6
    aircrack-ng aircrack-ng 0.5
    aircrack-ng aircrack-ng 0.4.4
    aircrack-ng aircrack-ng 0.4.3
    aircrack-ng aircrack-ng 0.4.2
    aircrack-ng aircrack-ng 0.4.1
    aircrack-ng aircrack-ng 0.4
    aircrack-ng aircrack-ng 0.3
    aircrack-ng aircrack-ng 0.2.1
    aircrack-ng aircrack-ng 0.2
    aircrack-ng aircrack-ng 0.1
    gentoo linux *