15 matches found
Linksys WAP4400N关联请求远程拒绝服务漏洞
BUGTRAQ ID: 37017 CVE ID: CVE-2007-5475 Linksys WAP4400N是一款小型的无线路由器。 Linksys WAP4400N所使用的MARVELL 88W8361P-BEM1无线芯片组驱动没有正确地解析关联请求中所包含的速率、扩展速率等信息元素,通过802.11认证的用户可以通过向无线AP发送恶意请求导致设备重启或挂起。 0 Cisco Linksys WAP4400N 1.2.17 厂商补丁: Cisco ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Buffer overflow
Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service wireless access point crash and possibly...
Design/Logic Flaw
Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote...
CVE-2008-4594
Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote...
CVE-2008-4594
Technical details for CVE-2008-4594 are not publicly available in the provided documents. The entries describe an unspecified SNMPv3 vulnerability with unknown impact; monitor for updates from official advisories.
CVE-2008-4441
The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service reboot or hang-up via a malformed...
CVE-2008-4441
Summary: CVE-2008-4441 affects Linksys WAP4400N (firmware 1.2.14) with Marvell 88W8361P‑BEM1. When in WEP mode, the Marvell wireless driver fails to parse certain malformed 802.11 frames, enabling a remote attacker to cause a denial of service (reboot or hang) by sending a malformed association r...
Marvell Driver Malformed Association Request Vulnerability
Title: ------ Marvell Driver Malformed Association Request Vulnerability Summary: -------- The wireless drivers in some Wi-Fi access points such as the MARVELL-based Linksys WAP4400N do not correctly parse some malformed 802.11 frames. Assigned CVE: ------------- CVE-2008-4441 Details: -------- T...
NETGEAR WN802T Wireless Access Point EAPoL密钥长度拒绝服务漏洞
BUGTRAQ ID: 31013 CVE ID:CVE-2008-1144 CNCVE ID:CNCVE-20081144 NETGEAR WN802T Wireless Access Point是一款无线路由接入点。 NETGEAR WN802T Wireless Access Point不正确处理EAPoL报文中的超长密钥长度,远程攻击者可以利用漏洞对服务进行拒绝服务攻击。 发送特殊构建的EAPoL报文可触发此漏洞,不过只有通过802.11验证后才能利用无线访问接入点的"Open"模式配置和成功关联恰当的安全参数如WPA w/ TKIP unicast, TKIP multicas...
Marvell Driver Null SSID Association Request Vulnerability
Title: ------ Marvell Driver Null SSID Association Request Vulnerability Summary: ------ The wireless drivers in some Wi-Fi access points such as the MARVELL-based Netgear WN802T do not correctly parse SSID information element included in association requests. Most information elements are used b...
Marvell Driver EAPoL-Key Length Overflow
Title: ------ Marvell Driver EAPoL-Key Length Overflow Summary: -------- The wireless drivers in some Wi-Fi access points such as the MARVELL-based Netgear WN802T do not correctly parse malformed EAPoL-Key packets. This packet is used for unicast/multicast key derivation which are called 4-way...
Cross site request forgery (csrf)
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service device reboot or hang or...
CVE-2008-1197
CVE-2008-1197 affects Netgear WN802T (firmware 1.3.16) using Marvell 88W8361P-BEM1. The driver fails to correctly parse the SSID information element in an association request, enabling remote authenticated users to trigger a denial of service (device reboot/hang) and potentially execute arbitrary...
CVE-2008-1144
CVE-2008-1144 affects the Netgear WN802T Wi‑Fi AP with Marvell 88W8361P‑BEM1, where the Marvell driver mishandles EAPoL‑Key packets. A crafted EAPoL‑Key with an advertised length can be used by remote authenticated users to cause a denial of service (device reboot or hang) and may enable arbitrar...
CVE-2008-1144
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service device reboot or hang or possibly execute arbitrary code via a...