Vulnerability Name:

CVE-2006-0226 (CCN-24192)

Assigned:2006-01-18
Published:2006-01-18
Updated:2017-07-20
Summary:Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-06:05.80211
IEEE 802.11 buffer overflow

Source: FREEBSD
Type: UNKNOWN
FreeBSD-SA-06:05

Source: MITRE
Type: CNA
CVE-2006-0226

Source: MISC
Type: UNKNOWN
http://kernelwars.blogspot.com/2007/01/alive.html

Source: CCN
Type: SA18353
FreeBSD IEEE 802.11 Buffer Overflow Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
18353

Source: CCN
Type: SECTRACK ID: 1015518
FreeBSD 802.11 Response Frame Integer Overflow May Let Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1015518

Source: MISC
Type: UNKNOWN
http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson

Source: OSVDB
Type: UNKNOWN
22537

Source: CCN
Type: OSVDB ID: 22537
FreeBSD net80211 Module IEEE 802.11 Probe Response Overflow

Source: BID
Type: Patch
16296

Source: CCN
Type: BID-16296
FreeBSD IEEE 802.11 Network Subsystem Remote Buffer Overflow Vulnerability

Source: CCN
Type: signedness.org public security advisory 0x1
2006-01-18 stack overflow in FreeBSD

Source: MISC
Type: Vendor Advisory
http://www.signedness.org/advisories/sps-0x1.txt

Source: XF
Type: UNKNOWN
bsd-ieee80211-bo(24192)

Source: XF
Type: UNKNOWN
bsd-ieee80211-bo(24192)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:freebsd:freebsd:6.0:release:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.0:stable:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:freebsd:freebsd:6.0:-:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    freebsd freebsd 6.0 release
    freebsd freebsd 6.0 stable
    freebsd freebsd 6.0 -