FreeBSD Security Advisory (FreeBSD-SA-06:05.80211.asc)

The FreeBSD-SA-06:05.80211.asc advisory addresses an integer overflow in the IEEE 802.11 network subsystem, leading to buffer overflow when scanning for wireless networks

Reporter	Title	Published	Views	Family All 9
CVE	CVE-2006-0226	19 Jan 200601:00	–	cve
Cvelist	CVE-2006-0226	19 Jan 200601:00	–	cvelist
FreeBSD	IEEE 802.11 -- buffer overflow	18 Jan 200600:00	–	freebsd
FreeBSD Advisory	FreeBSD-SA-06:05.80211	18 Jan 200600:00	–	freebsd_advisory
NVD	CVE-2006-0226	19 Jan 200601:03	–	nvd
OpenVAS	FreeBSD Security Advisory (FreeBSD-SA-06:05.80211.asc)	4 Sep 200800:00	–	openvas
Prion	Integer overflow	19 Jan 200601:03	–	prion
securityvulns	FreeBSD Security Advisory FreeBSD-SA-06:05.80211	20 Jan 200600:00	–	securityvulns
seebug.org	FreeBSD IEEE 802.11网络子系统远程溢出漏洞	17 Aug 200600:00	–	seebug

#
#ADV FreeBSD-SA-06:05.80211.asc
# OpenVAS Vulnerability Test
# $
# Description: Auto generated from vuxml or freebsd advisories
#
# Authors:
# Thomas Reinke <[email protected]>
#
# Copyright:
# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
#

tag_insight = "The IEEE 802.11 network subsystem of FreeBSD implements the protocol
negotiation used for wireless networking.

An integer overflow in the handling of corrupt IEEE 802.11 beacon or
probe response frames when scanning for existing wireless networks can
result in the frame overflowing a buffer.";
tag_solution = "Upgrade your system to the appropriate stable release
or security branch dated after the correction date

https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:05.80211.asc";
tag_summary = "The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-06:05.80211.asc";

                                                                                
if(description)
{
 script_id(56186);
 script_version("$Revision: 8023 $");
 script_tag(name:"last_modification", value:"$Date: 2017-12-07 09:36:26 +0100 (Thu, 07 Dec 2017) $");
 script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
 script_bugtraq_id(16296);
 script_cve_id("CVE-2006-0226");
 script_tag(name:"cvss_base", value:"10.0");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
 name = "FreeBSD Security Advisory (FreeBSD-SA-06:05.80211.asc)";
 script_name(name);



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com");
 family = "FreeBSD Local Security Checks";
 script_family(family);
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/freebsdpatchlevel", "login/SSH/success");
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-bsd.inc");
vuln = 0;
if(patchlevelcmp(rel:"6.0", patchlevel:"3")<0) {
    vuln = 1;
}

if(vuln) {
    security_message(0);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

07 Dec 2017 00:00Current

0.3Low risk

Vulners AI Score0.3

EPSS0.17279