Note:
This project will be discontinued after December 13, 2021. [more]
2020-01-31
Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value.
| Products | Aircrack\-Ng |
| Type | Out-of-bounds Write (CWE-787) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://github.com/aircrack-ng/aircrack-ng/pull/14
• http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html • https://github.com/aircrack-ng/aircrack-ng/commit/091b153f294b9b695b0b2831e65936438b550d7b • https://exchange.xforce.ibmcloud.com/vulnerabilities/98459 • http://www.exploit-db.com/exploits/35018 |