Ubuntu.comUB:CVE-2010-4648CVE-2010-4648
3.3 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
64.7%
The orinoco_ioctl_set_auth function in drivers/net/wireless/orinoco/wext.c
in the Linux kernel before 2.6.37 does not properly implement a TKIP
protection mechanism, which makes it easier for remote attackers to obtain
access to a Wi-Fi network by reading Wi-Fi frames.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | linux | < 2.6.32-29.57 | UNKNOWN |
| ubuntu | 10.10 | noarch | linux | < 2.6.35-27.47 | UNKNOWN |
| ubuntu | 10.04 | noarch | linux-ec2 | < 2.6.32-313.25 | UNKNOWN |
| ubuntu | 10.04 | noarch | linux-lts-backport-maverick | < 2.6.35-28.50~lucid1 | UNKNOWN |
| ubuntu | 10.04 | noarch | linux-mvl-dove | < 2.6.32-214.30 | UNKNOWN |
| ubuntu | 10.10 | noarch | linux-mvl-dove | < 2.6.32-414.30 | UNKNOWN |
References
launchpad.net/bugs/cve/CVE-2010-4648
nvd.nist.gov/vuln/detail/CVE-2010-4648
security-tracker.debian.org/tracker/CVE-2010-4648
ubuntu.com/security/notices/USN-1080-1
ubuntu.com/security/notices/USN-1080-2
ubuntu.com/security/notices/USN-1081-1
ubuntu.com/security/notices/USN-1093-1
ubuntu.com/security/notices/USN-1187-1
www.cve.org/CVERecord?id=CVE-2010-4648
www.redhat.com/archives/rhsa-announce/2011-April/msg00007.html
Related
3.3 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
64.7%