3881 matches found
etherleak.txt
!/usr/bin/perl -w etherleak, code that has been 5 years coming. On 04/27/2002, I disclosed on the Linux Kernel Mailing list, a vulnerability that would be come known as the 'etherleak' bug. In various situations an ethernet frame must be padded to reach a specific size or fall on a certain...
security flaw
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting XSS attacks by opening a blocked popup originating from a javascript: URI in...
security flaw
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting XSS attacks by opening a blocked popup originating from a javascript: URI in...
security flaw
The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated using the UTF-7 character set...
CVE-2007-1218
Off-by-one buffer overflow in the parseelements function in the 802.11 printer code print-80211.c for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service crash via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based...
Cross site scripting
The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated using the UTF-7 character set...
CVE-2007-0780
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting XSS attacks by opening a blocked popup originating from a javascript: URI in...
security flaw
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting XSS attacks by opening a blocked popup originating from a javascript: URI in...
Apple Airport Extreme fails to properly process 802.11 frames
Overview A vulnerability exists in the Apple AirPort Extreme wireless driver that may allow an attacker to crash a vulnerable system. Description The Apple AirPort Extreme adapter is an 802.11g compatible wireless adapter used in Apple OS X laptops and desktops. A flaw exists in the way AirPort...
CVE-2006-6651
Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3.9 allows remote attackers to cause memory corruption and execute arbitrary code via a series of crafted beacon frames. NOTE: some details are obtained solely from third party information...
CVE-2006-6651
Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3.9 allows remote attackers to cause memory corruption and execute arbitrary code via a series of crafted beacon frames. NOTE: some details are obtained solely from third party information...
CVE-2006-6651
CVE-2006-6651 describes a race condition in the Intel 2200BG wireless driver 9.0.3.9 (W29N51.SYS) that can allow remote attackers to cause memory corruption and execute arbitrary code by sending crafted beacon frames. The description notes that some details come from third‑party information. Conn...
Intel 2200BG 802.11 wireless drivers memory corruption
Memory corruption on beacon-frames parsing...
CVE-2006-6292
Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service out-of-bounds memory access and kernel panic and have possibly other security-related impact via certain beacon frames...
CVE-2006-6292
Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service out-of-bounds memory access and kernel panic and have possibly other security-related impact via certain beacon frames...
NetGear wireless driver fails to properly process specially-crafted 802.11 management frames
Overview A buffer overflow vulnerability exists in the Netgear WG311ND5.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The WG311ND5.SYS driver is a wireless 802.11g device driv...
NetGear wireless driver fails to properly process certain 802.11 management frames
Overview A buffer overflow vulnerability has been reported in the Netgear WG111v2.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The WG111v2.SYS driver is a wireless 802.11...
Apple Airport 802.11 Probe Response Kernel Memory Corruption PoC
No description provided by source. A proof-of-concept exploit has been added to the Metasploit Framework 3.0 source tree: msf use auxiliary/dos/wireless/daringphucball require 'msf/core' module Msf class Auxiliary::Dos::Wireless::DaringPhucball Msf::Auxiliary include Exploit::Lorcon def...
CVE-2006-3509
Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service crash or execute arbitrary code in third-party wireless software that uses the API via crafted frames...
CVE-2006-3509
Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service crash or execute arbitrary code in third-party wireless software that uses the API via crafted frames...