ID:

CVE-2014-8324 (NVD)

- Vulnerability Info (edit)
2017-10-17

network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.

Products aircrack\-ng
Type Improper Input Validation (CWE-20)
First patch
2014-10-03
https://github.com/aircrack-ng/aircrack-ng/commit/88702a3ce4c28a973bf69023cd0312f412f6193e
"OSdep: Fixed segmentation fault that happens with a malicious server sending a negative length (Closes #16 on GitHub). git-svn-id: http://svn.aircrack-ng.org/trunk@2419 28c6078b-6c39-48e3-add9-af49d547ecab"

Stats: +1 lines / -1 lines (total: 2 lines)
Relevant file/s ./src/osdep/network.c (modified, +1, -1)
Links http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html
https://bugzilla.redhat.com/show_bug.cgi?id=1159812
http://security.gentoo.org/glsa/glsa-201411-08.xml
http://www.securityfocus.com/archive/1/533869/100/0/threaded
http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html
Annotation

Note:

This entry has not been annotated yet.

Please consider adding data:

aircrack-ng - Tree: 88702a3ce4

(? files)

Filter Settings
Files
Navigation
Patch data:

(on by default)


Patched area: