CVE-2010-1159

2013-10-2822:00:00

redhat

www.cve.org

AI Score

7.7

Confidence

Low

EPSS

0.426

Percentile

97.3%

JSON

Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.

References

pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py

secunia.com/advisories/39150

secunia.com/advisories/55053

security.gentoo.org/glsa/glsa-201310-06.xml

svn.aircrack-ng.org/trunk/ChangeLog