31 matches found
CVE-2022-24700
WinAPRS 2.9.0 is affected by a buffer overflow in the DIGI address processing of VHF KISS AX.25 packets, which could allow a remote attacker to cause a denial of service (daemon crash). The issue is caused by improper handling in the DIGI address processing path. Remediation: there is no publicly...
CVE-2022-24700
An issue was discovered in WinAPRS 2.9.0. A buffer overflow in DIGI address processing for VHF KISS packets allows a remote attacker to cause a denial of service daemon crash via a malicious AX.25 packet over the air. NOTE: This vulnerability only affects products that are no longer supported by...
CVE-2022-24702
An issue was discovered in WinAPRS 2.9.0. A buffer overflow in the VHF KISS TNC component allows a remote attacker to achieve remote code execution via malicious AX.25 packets over the air. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2022-24702
CVE-2022-24702 affects WinAPRS 2.9.0. A buffer overflow in the VHF KISS TNC component can allow remote code execution via malicious AX.25 packets over the air. All sources note the vulnerability impacts products no longer supported by the maintainer. Connected documents do not provide a patched v...
PT-2022-16813 · Winaprs · Winaprs
Name of the Vulnerable Software and Affected Versions: WinAPRS version 2.9.0 Description: An issue was discovered in the processing of national.txt, which allows a local attacker to cause a denial of service or possibly achieve code execution through a buffer overflow. This issue only affects...
PT-2022-16814 · Winaprs · Winaprs
Name of the Vulnerable Software and Affected Versions: WinAPRS version 2.9.0 Description: An issue was discovered in the VHF KISS TNC component, allowing a remote attacker to achieve remote code execution via malicious AX.25 packets over the air. This issue only affects products that are no longe...
PT-2022-16812 · Winaprs · Winaprs
Name of the Vulnerable Software and Affected Versions: WinAPRS version 2.9.0 Description: An issue was discovered in the DIGI address processing for VHF KISS packets, allowing a remote attacker to cause a denial of service daemon crash via a malicious AX.25 packet over the air. This issue only...
Hacking Ham Radio: WinAPRS – Part 4
In part three of this series, we discovered and traced a memory corruption bug in WinAPRS using IDA Pro and WinDbg. We discovered that it could be used to gain control over the CPUs EIP register to obtain remote code execution. We found that there were limitations on the address that could be...
Hacking Ham Radio: WinAPRS – Part 3
In part two of this series, we reviewed our WinAPRS software and hardware configuration. We then began reverse engineering WinAPRS and fuzzing it for vulnerabilities using modified open-source software. Finally, we identified a potentially exploitable vulnerability. This installment will dig into...
Hacking Ham Radio: WinAPRS – Part 2
In part one of this series on vulnerability research in ham radio software, we discussed ham radio and digital communications via packet radio. We reviewed some relevant packet radio protocols such as AX.25, APRS, and KISS. We then chose WinAPRS as our target application. In this installment we...
Hacking Ham Radio: WinAPRS – Part 1
Hackers have been breaching computer system defenses for more than half a century, and the networks they use to exploit those weaknesses have been around for far longer than that. With the internet replacing most wirelines and wavelengths, and with the rise of cybercrime sophistication from petty...