Madwifi : Security Vulnerabilities, CVEs, CVSS score >= 7
Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ieee80211_ioctl_setwmmparams functions in net80211/ieee80211_wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service (system crash), possibly obtain kernel memory contents, and possibly execute arbitrary code via a large negative array index value.
Max CVSS
10.0
EPSS Score
0.14%
Published
2007-05-24
Updated
2018-10-16
ieee80211_input.c in MadWifi before 0.9.3 does not properly process Channel Switch Announcement Information Elements (CSA IEs), which allows remote attackers to cause a denial of service (loss of communication) via a Channel Switch Count less than or equal to one, triggering a channel change.
Max CVSS
7.8
EPSS Score
12.34%
Published
2007-03-30
Updated
2018-10-16
MadWifi before 0.9.3 does not properly handle reception of an AUTH frame by an IBSS node, which allows remote attackers to cause a denial of service (system crash) via a certain AUTH frame.
Max CVSS
7.8
EPSS Score
12.59%
Published
2007-03-30
Updated
2018-10-16
MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service (system crash) via unspecified vectors that lead to a kernel panic in the ieee80211_input function, related to "packets coming from a 'malicious' WinXP system."
Max CVSS
7.8
EPSS Score
7.00%
Published
2007-03-30
Updated
2018-10-16
Stack-based buffer overflow in net80211/ieee80211_wireless.c in MadWifi before 0.9.2.1 allows remote attackers to execute arbitrary code via unspecified vectors, related to the encode_ie and giwscan_cb functions.
Max CVSS
7.5
EPSS Score
77.52%
Published
2006-12-10
Updated
2017-07-29
The ath_rate_sample function in the ath_rate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service (failed KASSERT and system crash) by moving a connected system to a location with low signal strength, and possibly other vectors related to a race condition between interface enabling and packet transmission.
Max CVSS
7.1
EPSS Score
3.86%
Published
2005-12-31
Updated
2008-09-10
6 vulnerabilities found