CVE-2007-2057

NameCVE-2007-2057
DescriptionStack-based buffer overflow in aircrack-ng airodump-ng 0.7 allows remote attackers to execute arbitrary code via crafted 802.11 authentication packets.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-1280-1, DTSA-35-1
NVD severityhigh (attack range: remote)
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
aircrack-ng (PTS)jessie, sid1:1.2-0~beta3-4fixed

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
aircrack-ngsource(unstable)1:0.7-3medium
aircrack-ngsourceetch1:0.6.2-7etch1highDSA-1280-1
aircrack-ngsourcelenny1:0.8-0.1lenny1highDTSA-35-1

Notes

http://trac.aircrack-ng.org/changeset/288

Search for package or bug name: Reporting problems