nvd-json-data-feeds/CVE-2007/CVE-2007-54xx/CVE-2007-5448.json

{
  "id": "CVE-2007-5448",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2007-10-14T18:17:00.000",
  "lastModified": "2018-10-15T21:44:54.250",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial of service (panic) via a beacon frame with a large length value in the extended supported rates (xrates) element, which triggers an assertion error, related to net80211/ieee80211_scan_ap.c and net80211/ieee80211_scan_sta.c."
    },
    {
      "lang": "es",
      "value": "Madwifi 0.9.3.2 y versiones anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e1nico) mediante una trama de baliza con una valor de longitud largo en el elemento extended supported rates (xrates). que dispara una error de aserci\u00f3n, relativo a net80211/ieee80211_scan_ap.c y net80211/ieee80211_scan_sta.c."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:madwifi:madwifi:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "0.9.3.2",
              "matchCriteriaId": "817F054B-BF7F-4B2E-B2BF-E58D67A3B101"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=195705",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://madwifi.org/changeset/2736",
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "http://secunia.com/advisories/27197",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/27541",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://secunia.com/advisories/28431",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://securityreason.com/securityalert/3225",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-09.xml",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:007",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.sec-consult.com/298.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/archive/1/482168/100/0/threaded",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/26052",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.vupen.com/english/advisories/2007/3493",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37182",
      "source": "cve@mitre.org"
    }
  ]
}