CVE-2007-0931
 
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via long credential strings.
Un desbordamiento de búfer en la región heap de la memoria en las interfaces de administración de (1) Aruba Mobility Controllers 200, 800, 2400 y 6000 y (2) Alcatel-Lucent OmniAccess Wireless 43xx y 6000 permite a los atacantes remotos causar una denegación de servicio (bloqueo del proceso) y posiblemente ejecutar código arbitrario por medio de largas cadenas de credenciales.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-02-13 CVE Reserved
- 2007-02-14 CVE Published
- 2023-11-11 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
http://osvdb.org/33184 | Vdb Entry | |
http://secunia.com/advisories/24144 | Third Party Advisory | |
http://securityreason.com/securityalert/2244 | Third Party Advisory | |
http://www.kb.cert.org/vuls/id/319913 | Third Party Advisory | |
http://www.securityfocus.com/archive/1/459928/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/22538 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/32459 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052380.html | 2018-10-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Alcatel-lucent Search vendor "Alcatel-lucent" | Omniaccess Wireless Search vendor "Alcatel-lucent" for product "Omniaccess Wireless" | 43xx Search vendor "Alcatel-lucent" for product "Omniaccess Wireless" and version "43xx" | - |
Affected
| ||||||
Alcatel-lucent Search vendor "Alcatel-lucent" | Omniaccess Wireless Search vendor "Alcatel-lucent" for product "Omniaccess Wireless" | 6000 Search vendor "Alcatel-lucent" for product "Omniaccess Wireless" and version "6000" | - |
Affected
| ||||||
Aruba Search vendor "Aruba" | Mobility Controller Search vendor "Aruba" for product "Mobility Controller" | 200 Search vendor "Aruba" for product "Mobility Controller" and version "200" | - |
Affected
| ||||||
Aruba Search vendor "Aruba" | Mobility Controller Search vendor "Aruba" for product "Mobility Controller" | 800 Search vendor "Aruba" for product "Mobility Controller" and version "800" | - |
Affected
| ||||||
Aruba Search vendor "Aruba" | Mobility Controller Search vendor "Aruba" for product "Mobility Controller" | 2400 Search vendor "Aruba" for product "Mobility Controller" and version "2400" | - |
Affected
| ||||||
Aruba Search vendor "Aruba" | Mobility Controller Search vendor "Aruba" for product "Mobility Controller" | 6000 Search vendor "Aruba" for product "Mobility Controller" and version "6000" | - |
Affected
|