// For flags

CVE-2007-0931

 

Severity Score

7.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via long credential strings.

Un desbordamiento de búfer en la región heap de la memoria en las interfaces de administración de (1) Aruba Mobility Controllers 200, 800, 2400 y 6000 y (2) Alcatel-Lucent OmniAccess Wireless 43xx y 6000 permite a los atacantes remotos causar una denegación de servicio (bloqueo del proceso) y posiblemente ejecutar código arbitrario por medio de largas cadenas de credenciales.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-02-13 CVE Reserved
  • 2007-02-14 CVE Published
  • 2023-11-11 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Alcatel-lucent
Search vendor "Alcatel-lucent"
Omniaccess Wireless
Search vendor "Alcatel-lucent" for product "Omniaccess Wireless"
43xx
Search vendor "Alcatel-lucent" for product "Omniaccess Wireless" and version "43xx"
-
Affected
Alcatel-lucent
Search vendor "Alcatel-lucent"
Omniaccess Wireless
Search vendor "Alcatel-lucent" for product "Omniaccess Wireless"
6000
Search vendor "Alcatel-lucent" for product "Omniaccess Wireless" and version "6000"
-
Affected
Aruba
Search vendor "Aruba"
Mobility Controller
Search vendor "Aruba" for product "Mobility Controller"
200
Search vendor "Aruba" for product "Mobility Controller" and version "200"
-
Affected
Aruba
Search vendor "Aruba"
Mobility Controller
Search vendor "Aruba" for product "Mobility Controller"
800
Search vendor "Aruba" for product "Mobility Controller" and version "800"
-
Affected
Aruba
Search vendor "Aruba"
Mobility Controller
Search vendor "Aruba" for product "Mobility Controller"
2400
Search vendor "Aruba" for product "Mobility Controller" and version "2400"
-
Affected
Aruba
Search vendor "Aruba"
Mobility Controller
Search vendor "Aruba" for product "Mobility Controller"
6000
Search vendor "Aruba" for product "Mobility Controller" and version "6000"
-
Affected