Lucene search

[email protected]CVE-2008-4441

HistoryOct 14, 2008 - 3:28 p.m.

CVE-2008-4441

2008-10-1415:28:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-4441

linksys

wap4400n

wi-fi

marvell

88w8361p-bem1

denial of service

wep

vulnerability

6.8 Medium

AI Score

Confidence

Low

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.019 Low

EPSS

Percentile

88.6%

JSON

The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service (reboot or hang-up) via a malformed association request containing the WEP flag, as demonstrated by a request that is too short, a different vulnerability than CVE-2008-1144 and CVE-2008-1197.

CPENameOperatorVersion
linksys:wap400nlinksys wap400neq1.2.14

CPE	Name	Operator	Version
linksys:wap400n	linksys wap400n	eq	1.2.14

References

secunia.com/advisories/32259

securityreason.com/securityalert/4400

www.securityfocus.com/archive/1/497285/100/0/threaded

www.securityfocus.com/bid/31742

www.vupen.com/english/advisories/2008/2805

exchange.xforce.ibmcloud.com/vulnerabilities/45841

6.8 Medium

AI Score

Confidence

Low

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.019 Low

EPSS

Percentile

88.6%

JSON

Related for CVE-2008-4441

prion3 seebug2 securityvulns5 cve2