CVE-2014-8324
https://notcve.org/view.php?id=CVE-2014-8324
network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter. network.c en Aircrack-ng en versiones anteriores a 1.2 Beta 3 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) a través de una respuesta con una longitud de parámetro manipulada. • http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html http://security.gentoo.org/glsa/glsa-201411-08.xml http://www.securityfocus.com/archiv • CWE-20: Improper Input Validation •
CVE-2014-8323
https://notcve.org/view.php?id=CVE-2014-8323
buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter. buddy-ng.c en Aircrack-ng en versiones anteriores a la 1.2 Beta 3 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) a través de una respuesta con una longitud de parámetro manipulada. • http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143216.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143595.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143606.html http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html http://security.gentoo.org/glsa/glsa-201411-08.xml http://www.securityfocus.com/archiv • CWE-20: Improper Input Validation •
CVE-2014-8321
https://notcve.org/view.php?id=CVE-2014-8321
Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors. Un desbordamiento del búfer en la región stack de la memoria en la función gps_tracker en el archivo airodump-ng.c en Aircrack-ng versiones anteriores a 1.2 RC 1, permite a usuarios locales ejecutar código arbitrario o alcanzar privilegios por medio de vectores no especificados. • http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html https://exchange.xforce.ibmcloud.com/vulnerabilities/98458 https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5 https://github.com/aircrack-ng/aircrack-ng/pull/13 • CWE-787: Out-of-bounds Write •
CVE-2014-8322 – Aireplay-ng 1.2 beta3 - 'tcp_test' Length Stack Overflow
https://notcve.org/view.php?id=CVE-2014-8322
Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value. Un desbordamiento del búfer en la región stack de la memoria en la función tcp_test en el archivo aireplay-ng.c en Aircrack-ng versiones anteriores a 1.2 RC 1, permite a atacantes remotos ejecutar código arbitrario por medio de un valor del parámetro length diseñado. • https://www.exploit-db.com/exploits/35018 http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html http://www.exploit-db.com/exploits/35018 https://exchange.xforce.ibmcloud.com/vulnerabilities/98459 https://github.com/aircrack-ng/aircrack-ng/commit/091b153f294b9b695b0b2831e65936438b550d7b https://github.com/aircrack-ng/aircrack-ng/pull/14 • CWE-787: Out-of-bounds Write •