Lucene search

K
cve[email protected]CVE-2006-7180
HistoryMar 30, 2007 - 1:19 a.m.

CVE-2006-7180

2007-03-3001:19:00
NVD-CWE-Other
web.nvd.nist.gov
22
madwifi
cve-2006-7180
unencrypted packets
wpa authentication
denial of service
spoofing attacks
nvd

6.6 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.036 Low

EPSS

Percentile

91.4%

ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of service (disrupted authentication) and conduct spoofing attacks.

CPENameOperatorVersion
madwifi:madwifimadwifile0.9.2

6.6 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.036 Low

EPSS

Percentile

91.4%