CVE-2007-3762

Stack-based buffer overflow in the IAX2 channel driver chaniax2 in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a...

CVE-2007-2829

The 802.11 network stack in net80211/ieee80211input.c in MadWifi before 0.9.3.1 allows remote attackers to cause a denial of service system hang via a crafted length field in nested 802.3 Ethernet frames in Fast Frame packets, which results in a NULL pointer dereference...

GLSA-200704-15 : MadWifi: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200704-15 MadWifi: Multiple vulnerabilities The driver does not properly process Channel Switch Announcement Information Elements, allowing for an abnormal channel change. The ieee80211input function does not properly handle AUTH...

MadWifi: Multiple vulnerabilities

Background The MadWifi driver provides support for Atheros based IEEE 802.11 Wireless Lan cards. Description The driver does not properly process Channel Switch Announcement Information Elements, allowing for an abnormal channel change. The ieee80211input function does not properly handle AUTH...

Linux Kernel 2.6.x - AppleTalk ATalk_Sum_SKB Function Denial of Service

Linux Kernel 2.6.x - AppleTalk ATalkSumSKB Function Denial of Service source: https://www.securityfocus.com/bid/23376/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when malformed AppleTalk frames are processed. An attacker can exploit this issue t...

Intel Centrino wireless drivers fail to properly process malformed frames

Overview Microsoft Windows drivers for Intel Centrino wireless adapters fail to properly handle malformed frames. This vulnerability may allow an attacker to execute arbitrary code. Description The Microsoft Windows drivers for Intel Centrino 2200BG and 2915ABG PRO wireless adapters fail to...

CVE-2006-7178

MadWifi before 0.9.3 does not properly handle reception of an AUTH frame by an IBSS node, which allows remote attackers to cause a denial of service system crash via a certain AUTH frame...

etherleak.txt

!/usr/bin/perl -w etherleak, code that has been 5 years coming. On 04/27/2002, I disclosed on the Linux Kernel Mailing list, a vulnerability that would be come known as the 'etherleak' bug. In various situations an ethernet frame must be padded to reach a specific size or fall on a certain...

security flaw

browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting XSS attacks by opening a blocked popup originating from a javascript: URI in...

security flaw

browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting XSS attacks by opening a blocked popup originating from a javascript: URI in...

security flaw

The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated using the UTF-7 character set...

CVE-2007-1218

Off-by-one buffer overflow in the parseelements function in the 802.11 printer code print-80211.c for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service crash via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based...

Cross site scripting

The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated using the UTF-7 character set...

CVE-2007-0780

browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting XSS attacks by opening a blocked popup originating from a javascript: URI in...

security flaw

browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting XSS attacks by opening a blocked popup originating from a javascript: URI in...

Apple Airport Extreme fails to properly process 802.11 frames

Overview A vulnerability exists in the Apple AirPort Extreme wireless driver that may allow an attacker to crash a vulnerable system. Description The Apple AirPort Extreme adapter is an 802.11g compatible wireless adapter used in Apple OS X laptops and desktops. A flaw exists in the way AirPort...

CVE-2006-6651

Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3.9 allows remote attackers to cause memory corruption and execute arbitrary code via a series of crafted beacon frames. NOTE: some details are obtained solely from third party information...

CVE-2006-6651

CVE-2006-6651 describes a race condition in the Intel 2200BG wireless driver 9.0.3.9 (W29N51.SYS) that can allow remote attackers to cause memory corruption and execute arbitrary code by sending crafted beacon frames. The description notes that some details come from third‑party information. Conn...

CVE-2006-6651

Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3.9 allows remote attackers to cause memory corruption and execute arbitrary code via a series of crafted beacon frames. NOTE: some details are obtained solely from third party information...

Intel 2200BG 802.11 wireless drivers memory corruption

Memory corruption on beacon-frames parsing...