PRIOn knowledge basePRION:CVE-2007-2831

HistoryMay 24, 2007 - 2:30 a.m.

Code injection

2007-05-2402:30:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

47.8%

JSON

Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ieee80211_ioctl_setwmmparams functions in net80211/ieee80211_wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service (system crash), possibly obtain kernel memory contents, and possibly execute arbitrary code via a large negative array index value.

CPENameOperatorVersion
madwifieq0.9.0
madwifieq0.9.2
madwifile0.9.3
madwifieq0.9.2.1
madwifieq0.9.1

Name	Operator	Version
madwifi	eq	0.9.0
madwifi	eq	0.9.2
madwifi	le	0.9.3
madwifi	eq	0.9.2.1
madwifi	eq	0.9.1

References

madwifi.org/ticket/1334

madwifi.org/wiki/Security

osvdb.org/36637

secunia.com/advisories/25339

secunia.com/advisories/25622

secunia.com/advisories/25763

secunia.com/advisories/25861

secunia.com/advisories/26083

security.gentoo.org/glsa/glsa-200706-04.xml

www.mandriva.com/security/advisories?name=MDKSA-2007:132

www.novell.com/linux/security/advisories/2007_14_sr.html

www.securityfocus.com/archive/1/470674/100/100/threaded

www.securityfocus.com/bid/24114

www.ubuntu.com/usn/usn-479-1

www.vupen.com/english/advisories/2007/1919

exchange.xforce.ibmcloud.com/vulnerabilities/34453

7.2 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

47.8%

JSON

Related for PRION:CVE-2007-2831