CVE-2006-2213 - Hostapd 0.3.7-2 allows remote attackers to cause a denial of service (segmentation fault) via an uns

CVE-2006-2213

Summary

Hostapd 0.3.7-2 allows remote attackers to cause a denial of service (segmentation fault) via an unspecified value in the key_data_length field of an EAPoL frame.

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365897
http://secunia.com/advisories/19966
http://secunia.com/advisories/20195
http://secunia.com/advisories/20265
http://www.debian.org/security/2006/dsa-1065
http://www.mandriva.com/security/advisories?name=MDKSA-2006:088
http://www.osvdb.org/25233
http://www.securityfocus.com/bid/17846
http://www.vupen.com/english/advisories/2006/1657
https://exchange.xforce.ibmcloud.com/vulnerabilities/26239

Vulnerable Configurations

cpe:2.3:a:hostapd:hostapd:0.3.7_2:*:*:*:*:*:*:*
cpe:2.3:a:hostapd:hostapd:0.3.7_2:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 20-07-2017 - 01:31)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	17846
debian	DSA-1065
mandrake	MDKSA-2006:088
misc	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365897
osvdb	25233
secunia	19966 20195 20265
vupen	ADV-2006-1657
xf	hostapd-eapol-dos(26239)

Last major update

20-07-2017 - 01:31

Published

05-05-2006 - 12:46

Last modified

20-07-2017 - 01:31