20 matches found
NetGear MA521 Wireless Driver 5.148.724 Long Beacon Probe Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21175/info NetGear MA521 Wireless device is prone to a stack-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory...
Linux Kernel < 2.6.30.5 cfg80211 Remote Denial of Service Exploit
No description provided by source. / cfg80211-remote-dos.c Linux Kernel 2.6.30.5 cfg80211 Remote DoS Jon Oberheide [email protected] http://jon.oberheide.org Information: http://patchwork.kernel.org/patch/41218/ These pointers can be NULL, the ismesh case isn't ever hit in the current kernel, but...
Aircrack-ng 0.7 - (Specially Crafted 802.11 Packets) Remote BoF Exploit
No description provided by source. / airodump-exp.c - aircrack/airodump-ng 0.7 remote exploit Proof of concept exploit for a stack and heap based overflow in airodump-ng. The vulnerability can be exploited by transmitting some specially crafted 802.11 packets to execute arbitrary code on any...
NetGear WG311v1 Wireless Driver 2.3.1 - 10 SSID Heap Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21251/info NetGear WG311v1 Wireless devices are prone to a heap-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memor...
Broadcom LAN chip BCM4325 and BCM4329 denial of service vulnerability
This vulnerability is in the firmware of Broadcom wireless cards, models BCM4325 and BCM4329; an attacker can send specific wireless network packets to cause a denial of service. Major affected devices: BCM4325 Apple iPhone 3GS Apple iPod 2G HTC Touch Pro 2 HTC Droid...
Linux Kernel 2.6.30.5 - cfg80211 Remote Denial of Service
Linux Kernel 2.6.30.5 - cfg80211 Remote Denial of Service / cfg80211-remote-dos.c Linux Kernel http://jon.oberheide.org Information: http://patchwork.kernel.org/patch/41218/ These pointers can be NULL, the ismesh case isn't ever hit in the current kernel, but cmpies can be hit under certain...
Linux Kernel < 2.6.30.5 cfg80211 Remote Denial of Service Exploit
No description provided by source. / cfg80211-remote-dos.c Linux Kernel 2.6.30.5 cfg80211 Remote DoS Jon Oberheide [email protected] http://jon.oberheide.org Information: http://patchwork.kernel.org/patch/41218/ These pointers can be NULL, the ismesh case isn't ever hit in the current kernel, but...
intelcentrino-overflow.txt
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/projects/Framework/ require 'msf/core' module Msf class...
Intel Centrino ipw2200BG Wireless Driver Remote BOF Exploit (meta)
Exploit for unknown platform in category remote exploits ================================================================== Intel Centrino ipw2200BG Wireless Driver Remote BOF Exploit meta ================================================================== This file is part of the Metasploit...
Aircrack-ng 0.7 (specially crafted 802.11 packets) Remote BoF Exploit
No description provided by source. / airodump-exp.c - aircrack/airodump-ng 0.7 remote exploit Proof of concept exploit for a stack and heap based overflow in airodump-ng. The vulnerability can be exploited by transmitting some specially crafted 802.11 packets to execute arbitrary code on any...
Aircrack-NG 0.7 - 'Specially Crafted 802.11 Packets' Remote Buffer Overflow
/ airodump-exp.c - aircrack/airodump-ng 0.7 remote exploit Proof of concept exploit for a stack and heap based overflow in airodump-ng. The vulnerability can be exploited by transmitting some specially crafted 802.11 packets to execute arbitrary code on any machines within range that are sniffing...
airodump-ng.txt
Product Name: Aircrack-ng 0.7 Vendor: http://www.aircrack-ng.org Date: 13 April, 2007 Author: Jonathan So Advisory URL: http://www.nop-art.net/advisories/airodump-ng.txt I. DESCRIPTION A buffer overflow vulnerability has been found in airodump-ng, part of the aircrack-ng package. The vulnerabilit...
NETGEAR WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
NETGEAR WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow source: https://www.securityfocus.com/bid/21251/info NetGear WG311v1 Wireless devices are prone to a heap-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it...
Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
source: https://www.securityfocus.com/bid/21251/info NetGear WG311v1 Wireless devices are prone to a heap-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. Exploiting this issue...
Netgear MA521 Wireless Driver 5.148.724 - 'Beacon Probe' Remote Buffer Overflow
source: https://www.securityfocus.com/bid/21175/info NetGear MA521 Wireless device is prone to a stack-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. Exploiting this issue allow...
Broadcom Wireless Driver Probe Response SSID Overflow Exploit (meta)
No description provided by source. require 'msf/core' module Msf class Exploits::Windows::Driver::BroadcomWiFiSSID Msf::Exploit::Remote include Exploit::Lorcon include Exploit::KernelMode def initializeinfo = superupdateinfoinfo, 'Name' = 'Broadcom Wireless Driver Probe Response SSID Overflow',...
D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (meta)
No description provided by source. require 'msf/core' module Msf class Exploits::Windows::Driver::DLinkDWLG132WiFiRates Msf::Exploit::Remote include Exploit::Lorcon include Exploit::KernelMode def initializeinfo = superupdateinfoinfo, 'Name' = 'D-Link DWL-G132 Wireless Driver Beacon Rates...
D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Expl (meta)
Exploit for unknown platform in category remote exploits ==================================================================== D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit meta ==================================================================== require 'msf/core' module Msf class...
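Apple Airport Driver Remote Code Execution Vulnerability
Apple AirPort is a wireless access point that provides 802.11 services to network clients. Apple AirPort has a memory corruption vulnerability when handling malformed probe response frames; a remote attacker may exploit it to execute arbitrary instructions on the user's machine. The Apple Airport driver supplied for Orinoco-based Airport cards has a memory corruption vulnerability. When the driver is placed in active scanning mode, receiving a probe response frame that contains no valid information element (IE) fields after the fixed-length header corrupts kernel memory structures, leading to execution of arbitrary instructions. Apple AirPort for iMacs Apple AirPort for 1999-2003 PowerBooks...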
Apple Airport 802.11 Probe Response Kernel Memory Corruption PoC
No description provided by source. A proof-of-concept exploit has been added to the Metasploit Framework 3.0 source tree: msf use auxiliary/dos/wireless/daringphucball require 'msf/core' module Msf class Auxiliary::Dos::Wireless::DaringPhucball Msf::Auxiliary include Exploit::Lorcon def...