Lucene search

MitreCVE-2006-1385

HistoryMar 24, 2006 - 11:02 a.m.

CVE-2006-1385

2006-03-2411:02:00

mitre

web.nvd.nist.gov

cve

2006

1385

stack-based buffer overflow

parsetaggeddata

wavepacket.mm

kismac

r54

r73p

802.11 management frame

nvd

cisco

ssids

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

High

EPSS

0.124

Percentile

95.4%

JSON

Stack-based buffer overflow in the parseTaggedData function in WavePacket.mm in KisMAC R54 through R73p allows remote attackers to execute arbitrary code via multiple SSIDs in a Cisco vendor tag in a 802.11 management frame.

Affected configurations

Nvd

Node

kismackismacMatch0.1a

kismackismacMatch0.1b

kismackismacMatch0.1c

kismackismacMatch0.2a

kismackismacMatch0.5d

kismackismacMatch0.5d4

kismackismacMatch0.10a

kismackismacMatch0.11a

kismackismacMatch0.12a

VendorProductVersionCPE
kismackismac0.1acpe:2.3:a:kismac:kismac:0.1a:*:*:*:*:*:*:*
kismackismac0.1bcpe:2.3:a:kismac:kismac:0.1b:*:*:*:*:*:*:*
kismackismac0.1ccpe:2.3:a:kismac:kismac:0.1c:*:*:*:*:*:*:*
kismackismac0.2acpe:2.3:a:kismac:kismac:0.2a:*:*:*:*:*:*:*
kismackismac0.5dcpe:2.3:a:kismac:kismac:0.5d:*:*:*:*:*:*:*
kismackismac0.5d4cpe:2.3:a:kismac:kismac:0.5d4:*:*:*:*:*:*:*
kismackismac0.10acpe:2.3:a:kismac:kismac:0.10a:*:*:*:*:*:*:*
kismackismac0.11acpe:2.3:a:kismac:kismac:0.11a:*:*:*:*:*:*:*
kismackismac0.12acpe:2.3:a:kismac:kismac:0.12a:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kismac	kismac	0.1a	cpe:2.3:a:kismac:kismac:0.1a:::::::*
kismac	kismac	0.1b	cpe:2.3:a:kismac:kismac:0.1b:::::::*
kismac	kismac	0.1c	cpe:2.3:a:kismac:kismac:0.1c:::::::*
kismac	kismac	0.2a	cpe:2.3:a:kismac:kismac:0.2a:::::::*
kismac	kismac	0.5d	cpe:2.3:a:kismac:kismac:0.5d:::::::*
kismac	kismac	0.5d4	cpe:2.3:a:kismac:kismac:0.5d4:::::::*
kismac	kismac	0.10a	cpe:2.3:a:kismac:kismac:0.10a:::::::*
kismac	kismac	0.11a	cpe:2.3:a:kismac:kismac:0.11a:::::::*
kismac	kismac	0.12a	cpe:2.3:a:kismac:kismac:0.12a:::::::*

References

kismac.de/_trac/changeset/113

lists.grok.org.uk/pipermail/full-disclosure/2006-March/044323.html

secunia.com/advisories/19354

securityreason.com/securityalert/609

www.hardened-php.net/advisory_032006.115.html

www.osvdb.org/24072

www.securityfocus.com/archive/1/428537/100/0/threaded

www.securityfocus.com/bid/17198

www.vupen.com/english/advisories/2006/1070

exchange.xforce.ibmcloud.com/vulnerabilities/25422

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

High

EPSS

0.124

Percentile

95.4%

JSON

Related for CVE-2006-1385