Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
9 vulnerabilities by atheros
CVE-2020-36979 (GCVE-0-2020-36979)
Vulnerability from cvelistv5 – Published: 2026-01-27 18:51 – Updated: 2026-01-29 16:48
VLAI
Title
Atheros Coex Service Application 8.0.0.255 -'ZAtheros Bt&Wlan Coex Agent' Unquoted Service Path
Summary
Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executables in the service path to gain elevated system privileges during service startup.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/49053 | exploit |
| https://www.file.net/process/ath_coexagent.exe.html | product |
| https://www.boostbyreason.com/resource-file-9102-… | product |
| https://www.vulncheck.com/advisories/atheros-coex… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Atheros | Coex Service Application |
Affected:
8.0.0.255
|
Date Public
2020-11-13 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36979",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T15:49:28.282968Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T16:48:47.034Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/49053"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Coex Service Application",
"vendor": "Atheros",
"versions": [
{
"status": "affected",
"version": "8.0.0.255"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Isabel Lopez"
}
],
"datePublic": "2020-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executables in the service path to gain elevated system privileges during service startup."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T18:51:04.513Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-49053",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/49053"
},
{
"name": "Vendor Homepage",
"tags": [
"product"
],
"url": "https://www.file.net/process/ath_coexagent.exe.html"
},
{
"name": "Software Download Link",
"tags": [
"product"
],
"url": "https://www.boostbyreason.com/resource-file-9102-ath_coexagent-exe.aspx"
},
{
"name": "VulnCheck Advisory: Atheros Coex Service Application 8.0.0.255 -\u0027ZAtheros Bt\u0026Wlan Coex Agent\u0027 Unquoted Service Path",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/atheros-coex-service-application-zatheros-btwlan-coex-agent-unquoted-service-path"
}
],
"title": "Atheros Coex Service Application 8.0.0.255 -\u0027ZAtheros Bt\u0026Wlan Coex Agent\u0027 Unquoted Service Path",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-36979",
"datePublished": "2026-01-27T18:51:04.513Z",
"dateReserved": "2026-01-27T15:47:07.999Z",
"dateUpdated": "2026-01-29T16:48:47.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2009-0052 (GCVE-0-2009-0052)
Vulnerability from cvelistv5 – Published: 2009-11-12 23:00 – Updated: 2024-08-07 04:17
VLAI
Summary
The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/36991 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/507777/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2009/3212 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/37344 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/59880 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2009-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:17:10.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36991",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36991"
},
{
"name": "20091110 Atheros Driver Reserved Frame Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507777/100/0/threaded"
},
{
"name": "ADV-2009-3212",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3212"
},
{
"name": "37344",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37344"
},
{
"name": "59880",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/59880"
},
{
"name": "netgear-wndap330-frame-dos(54216)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54216"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36991",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36991"
},
{
"name": "20091110 Atheros Driver Reserved Frame Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507777/100/0/threaded"
},
{
"name": "ADV-2009-3212",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3212"
},
{
"name": "37344",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37344"
},
{
"name": "59880",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/59880"
},
{
"name": "netgear-wndap330-frame-dos(54216)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54216"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36991"
},
{
"name": "20091110 Atheros Driver Reserved Frame Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507777/100/0/threaded"
},
{
"name": "ADV-2009-3212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3212"
},
{
"name": "37344",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37344"
},
{
"name": "59880",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/59880"
},
{
"name": "netgear-wndap330-frame-dos(54216)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54216"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0052",
"datePublished": "2009-11-12T23:00:00.000Z",
"dateReserved": "2009-01-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:17:10.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5474 (GCVE-0-2007-5474)
Vulnerability from cvelistv5 – Published: 2008-09-05 16:00 – Updated: 2024-08-07 15:31
VLAI
Summary
The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/31012 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/4226 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/495984/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2008-09-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:31:58.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31012",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31012"
},
{
"name": "4226",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4226"
},
{
"name": "20080904 Atheros Vendor Specific Information Element Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495984/100/0/threaded"
},
{
"name": "atheros-as5416ac1e-associationrequest-dos(44921)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44921"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31012",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31012"
},
{
"name": "4226",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4226"
},
{
"name": "20080904 Atheros Vendor Specific Information Element Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495984/100/0/threaded"
},
{
"name": "atheros-as5416ac1e-associationrequest-dos(44921)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44921"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5474",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31012",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31012"
},
{
"name": "4226",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4226"
},
{
"name": "20080904 Atheros Vendor Specific Information Element Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495984/100/0/threaded"
},
{
"name": "atheros-as5416ac1e-associationrequest-dos(44921)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44921"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5474",
"datePublished": "2008-09-05T16:00:00.000Z",
"dateReserved": "2007-10-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:31:58.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36979 (GCVE-0-2020-36979)
Vulnerability from nvd – Published: 2026-01-27 18:51 – Updated: 2026-01-29 16:48
VLAI
Title
Atheros Coex Service Application 8.0.0.255 -'ZAtheros Bt&Wlan Coex Agent' Unquoted Service Path
Summary
Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executables in the service path to gain elevated system privileges during service startup.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/49053 | exploit |
| https://www.file.net/process/ath_coexagent.exe.html | product |
| https://www.boostbyreason.com/resource-file-9102-… | product |
| https://www.vulncheck.com/advisories/atheros-coex… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Atheros | Coex Service Application |
Affected:
8.0.0.255
|
Date Public
2020-11-13 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36979",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T15:49:28.282968Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T16:48:47.034Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/49053"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Coex Service Application",
"vendor": "Atheros",
"versions": [
{
"status": "affected",
"version": "8.0.0.255"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Isabel Lopez"
}
],
"datePublic": "2020-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executables in the service path to gain elevated system privileges during service startup."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T18:51:04.513Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-49053",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/49053"
},
{
"name": "Vendor Homepage",
"tags": [
"product"
],
"url": "https://www.file.net/process/ath_coexagent.exe.html"
},
{
"name": "Software Download Link",
"tags": [
"product"
],
"url": "https://www.boostbyreason.com/resource-file-9102-ath_coexagent-exe.aspx"
},
{
"name": "VulnCheck Advisory: Atheros Coex Service Application 8.0.0.255 -\u0027ZAtheros Bt\u0026Wlan Coex Agent\u0027 Unquoted Service Path",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/atheros-coex-service-application-zatheros-btwlan-coex-agent-unquoted-service-path"
}
],
"title": "Atheros Coex Service Application 8.0.0.255 -\u0027ZAtheros Bt\u0026Wlan Coex Agent\u0027 Unquoted Service Path",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-36979",
"datePublished": "2026-01-27T18:51:04.513Z",
"dateReserved": "2026-01-27T15:47:07.999Z",
"dateUpdated": "2026-01-29T16:48:47.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2009-0052 (GCVE-0-2009-0052)
Vulnerability from nvd – Published: 2009-11-12 23:00 – Updated: 2024-08-07 04:17
VLAI
Summary
The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/36991 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/507777/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2009/3212 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/37344 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/59880 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2009-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:17:10.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36991",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36991"
},
{
"name": "20091110 Atheros Driver Reserved Frame Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507777/100/0/threaded"
},
{
"name": "ADV-2009-3212",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3212"
},
{
"name": "37344",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37344"
},
{
"name": "59880",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/59880"
},
{
"name": "netgear-wndap330-frame-dos(54216)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54216"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36991",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36991"
},
{
"name": "20091110 Atheros Driver Reserved Frame Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507777/100/0/threaded"
},
{
"name": "ADV-2009-3212",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3212"
},
{
"name": "37344",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37344"
},
{
"name": "59880",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/59880"
},
{
"name": "netgear-wndap330-frame-dos(54216)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54216"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36991"
},
{
"name": "20091110 Atheros Driver Reserved Frame Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507777/100/0/threaded"
},
{
"name": "ADV-2009-3212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3212"
},
{
"name": "37344",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37344"
},
{
"name": "59880",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/59880"
},
{
"name": "netgear-wndap330-frame-dos(54216)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54216"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0052",
"datePublished": "2009-11-12T23:00:00.000Z",
"dateReserved": "2009-01-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:17:10.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5474 (GCVE-0-2007-5474)
Vulnerability from nvd – Published: 2008-09-05 16:00 – Updated: 2024-08-07 15:31
VLAI
Summary
The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/31012 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/4226 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/495984/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2008-09-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:31:58.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31012",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31012"
},
{
"name": "4226",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4226"
},
{
"name": "20080904 Atheros Vendor Specific Information Element Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495984/100/0/threaded"
},
{
"name": "atheros-as5416ac1e-associationrequest-dos(44921)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44921"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31012",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31012"
},
{
"name": "4226",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4226"
},
{
"name": "20080904 Atheros Vendor Specific Information Element Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495984/100/0/threaded"
},
{
"name": "atheros-as5416ac1e-associationrequest-dos(44921)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44921"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5474",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31012",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31012"
},
{
"name": "4226",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4226"
},
{
"name": "20080904 Atheros Vendor Specific Information Element Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495984/100/0/threaded"
},
{
"name": "atheros-as5416ac1e-associationrequest-dos(44921)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44921"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5474",
"datePublished": "2008-09-05T16:00:00.000Z",
"dateReserved": "2007-10-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:31:58.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-200708-0003
Vulnerability from variot - Updated: 2023-12-18 13:53Unspecified vulnerability in Atheros 802.11 a/b/g wireless adapter drivers before 5.3.0.35, and 6.x before 6.0.3.67, on Windows allows remote attackers to cause a denial of service via a crafted 802.11 management frame. Atheros wireless drivers fail to properly handle malformed wireless frames. This vulnerability may allow a remote, unauthenticated attacker to create a denial-of-service condition. Atheros Provided by the company Microsoft Windows The wireless network driver for is vulnerable to the frame handling part. Crafted 802.11 Sending a management frame causes a buffer overflow, resulting in service disruption ( DoS ) You may be attacked. 802.11b, 802.11g, 802.11n Management frames in are not encrypted and do not require authentication to be sent. further, WEP And WPA It has been found that even if wireless communication encryption such as is affected by this vulnerability. Linux And UNIX Used in NDISWrapper And using vulnerable drivers with similar technologies may also be affected.
The driver did not adequately check for malformed management frames, and a remote attacker could trigger an overflow by sending a specially constructed 802.11 management frame that requires no authentication or encryption. Atheros drivers are also used by OEM (Original Equipment Manufacturer) wireless adapters. This issue is reported to affect drivers for the Windows operating system.
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.
SOLUTION: The vendor has reportedly issued firmware updates (versions 5.3.0.35 and 6.0.3.67 and later) to OEMs.
PROVIDED AND/OR DISCOVERED BY: Reported via US-CERT.
ORIGINAL ADVISORY: US-CERT VU#730169: http://www.kb.cert.org/vuls/id/730169
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200708-0003",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "all windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "atheros",
"version": null
},
{
"model": "driver",
"scope": "eq",
"trust": 0.8,
"vendor": "atheros",
"version": "version 5.3.0 system (atheros 802.11 a/b/g)"
},
{
"model": "driver",
"scope": "eq",
"trust": 0.8,
"vendor": "atheros",
"version": "version 6.0.3 system (atheros 802.11 a/b/g)"
},
{
"model": "celsius work station",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "fmv desktop",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "fmv thin client",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "fmv-biblo",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "fmv-biblo loox",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "fmv-deskpower",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "fmv-esprimo",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "fmv-lifebook",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "fmv-stylistic",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "wireless adapter drivers",
"scope": "eq",
"trust": 0.6,
"vendor": "atheros",
"version": "6.0.3.67"
},
{
"model": "wireless adapter drivers",
"scope": "eq",
"trust": 0.6,
"vendor": "atheros",
"version": "5.1.1.9"
},
{
"model": "communications wireless driver a/b/g",
"scope": "eq",
"trust": 0.3,
"vendor": "atheros",
"version": "802.110"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#730169"
},
{
"db": "CNVD",
"id": "CNVD-2007-4814"
},
{
"db": "BID",
"id": "25160"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000565"
},
{
"db": "NVD",
"id": "CVE-2007-2927"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-075"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:atheros:wireless_adapter_drivers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.1.1.9",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:atheros:wireless_adapter_drivers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.3.67",
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2927"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nicholas Krasny",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-075"
}
],
"trust": 0.6
},
"cve": "CVE-2007-2927",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-2927",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-26289",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-2927",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#730169",
"trust": 0.8,
"value": "0.77"
},
{
"author": "CNNVD",
"id": "CNNVD-200708-075",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-26289",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#730169"
},
{
"db": "VULHUB",
"id": "VHN-26289"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000565"
},
{
"db": "NVD",
"id": "CVE-2007-2927"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-075"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Atheros 802.11 a/b/g wireless adapter drivers before 5.3.0.35, and 6.x before 6.0.3.67, on Windows allows remote attackers to cause a denial of service via a crafted 802.11 management frame. Atheros wireless drivers fail to properly handle malformed wireless frames. This vulnerability may allow a remote, unauthenticated attacker to create a denial-of-service condition. Atheros Provided by the company Microsoft Windows The wireless network driver for is vulnerable to the frame handling part. Crafted 802.11 Sending a management frame causes a buffer overflow, resulting in service disruption ( DoS ) You may be attacked. 802.11b, 802.11g, 802.11n Management frames in are not encrypted and do not require authentication to be sent. further, WEP And WPA It has been found that even if wireless communication encryption such as is affected by this vulnerability. Linux And UNIX Used in NDISWrapper And using vulnerable drivers with similar technologies may also be affected. \n\n\u00a0The driver did not adequately check for malformed management frames, and a remote attacker could trigger an overflow by sending a specially constructed 802.11 management frame that requires no authentication or encryption. \nAtheros drivers are also used by OEM (Original Equipment Manufacturer) wireless adapters. \nThis issue is reported to affect drivers for the Windows operating system. \n\n----------------------------------------------------------------------\n\nBETA test the new Secunia Personal Software Inspector!\n\nThe Secunia PSI detects installed software on your computer and\ncategorises it as either Insecure, End-of-Life, or Up-To-Date. \nEffectively enabling you to focus your attention on software\ninstallations where more secure versions are available from the\nvendors. \n\nSOLUTION:\nThe vendor has reportedly issued firmware updates (versions 5.3.0.35\nand 6.0.3.67 and later) to OEMs. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported via US-CERT. \n\nORIGINAL ADVISORY:\nUS-CERT VU#730169:\nhttp://www.kb.cert.org/vuls/id/730169\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2927"
},
{
"db": "CERT/CC",
"id": "VU#730169"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000565"
},
{
"db": "CNVD",
"id": "CNVD-2007-4814"
},
{
"db": "BID",
"id": "25160"
},
{
"db": "VULHUB",
"id": "VHN-26289"
},
{
"db": "PACKETSTORM",
"id": "58395"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#730169",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2007-2927",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "26348",
"trust": 2.7
},
{
"db": "BID",
"id": "25160",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2756",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "37992",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000565",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2007-4814",
"trust": 0.6
},
{
"db": "XF",
"id": "35788",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200708-075",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-26289",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58395",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#730169"
},
{
"db": "CNVD",
"id": "CNVD-2007-4814"
},
{
"db": "VULHUB",
"id": "VHN-26289"
},
{
"db": "BID",
"id": "25160"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000565"
},
{
"db": "PACKETSTORM",
"id": "58395"
},
{
"db": "NVD",
"id": "CVE-2007-2927"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-075"
}
]
},
"id": "VAR-200708-0003",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-26289"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:53:59.244000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.atheros.com/"
},
{
"title": "Atheros\u793e\u88fd\u7121\u7dda\uff08\u30ef\u30a4\u30e4\u30ec\u30b9\uff09LAN\u30c9\u30e9\u30a4\u30d0\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/atheros/wlan/"
},
{
"title": "VU#730169",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/vu730169.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000565"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2927"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.kb.cert.org/vuls/id/730169"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25160"
},
{
"trust": 1.7,
"url": "http://osvdb.org/37992"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26348"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/2756"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35788"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/26348/"
},
{
"trust": 0.8,
"url": "http://www.atheros.com/contact/index.html"
},
{
"trust": 0.8,
"url": "http://standards.ieee.org/announcements/pr_frames.html"
},
{
"trust": 0.8,
"url": "http://standards.ieee.org/getieee802/download/802.11-1999.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2927"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23730169/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2927"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2756"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/35788"
},
{
"trust": 0.3,
"url": "http://www.atheros.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/15189/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#730169"
},
{
"db": "VULHUB",
"id": "VHN-26289"
},
{
"db": "BID",
"id": "25160"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000565"
},
{
"db": "PACKETSTORM",
"id": "58395"
},
{
"db": "NVD",
"id": "CVE-2007-2927"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-075"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#730169"
},
{
"db": "CNVD",
"id": "CNVD-2007-4814"
},
{
"db": "VULHUB",
"id": "VHN-26289"
},
{
"db": "BID",
"id": "25160"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000565"
},
{
"db": "PACKETSTORM",
"id": "58395"
},
{
"db": "NVD",
"id": "CVE-2007-2927"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-075"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-08-01T00:00:00",
"db": "CERT/CC",
"id": "VU#730169"
},
{
"date": "2007-08-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2007-4814"
},
{
"date": "2007-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-26289"
},
{
"date": "2007-08-01T00:00:00",
"db": "BID",
"id": "25160"
},
{
"date": "2007-08-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000565"
},
{
"date": "2007-08-10T02:01:07",
"db": "PACKETSTORM",
"id": "58395"
},
{
"date": "2007-08-08T01:17:00",
"db": "NVD",
"id": "CVE-2007-2927"
},
{
"date": "2007-08-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-075"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-12-12T00:00:00",
"db": "CERT/CC",
"id": "VU#730169"
},
{
"date": "2007-08-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2007-4814"
},
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-26289"
},
{
"date": "2007-08-02T20:55:00",
"db": "BID",
"id": "25160"
},
{
"date": "2007-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000565"
},
{
"date": "2017-07-29T01:31:50.957000",
"db": "NVD",
"id": "CVE-2007-2927"
},
{
"date": "2007-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-075"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-075"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Atheros wireless network drivers may fail to properly handle malformed frames",
"sources": [
{
"db": "CERT/CC",
"id": "VU#730169"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-075"
}
],
"trust": 0.6
}
}
VAR-200911-0002
Vulnerability from variot - Updated: 2023-12-18 13:35The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame. NETGEAR WNDAP330 is prone to a denial-of-service vulnerability because it fails to properly parse malformed reserved management frames. Successful exploits will cause the affected device to crash or reboot, denying service to legitimate users. WNDAP330 with firmware 2.1.11 is vulnerable.
Assigned CVE:
- CVE-2009-0052
Details:
- The bug can be triggered by a malicious reserved management frame sent to the wireless access point (truncated packet). This can be achieved only after a successful 802.11 authentication (in "Open" mode according to the configuration of the wireless access point) and a successful 802.11 association with appropriate security parameters (e.g. WPA w/ TKIP unicast, TKIP multicast) which depends on the configuration of the wireless access point. Any other wireless device relying on this vulnerable wireless driver is likely to be vulnerable.
Credits:
- This vulnerability was discovered by Laurent Butti from France Telecom / Orange . ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Netgear WNDAP330 Management Frame Denial of Service
SECUNIA ADVISORY ID: SA37344
VERIFY ADVISORY: http://secunia.com/advisories/37344/
DESCRIPTION: A vulnerability has been reported in Netgear WNDAP330, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an unspecified error in the parsing of management frames, which can be exploited to reboot or hang an affected device.
The vulnerability is reported in firmware version 2.1.11. Other versions may also be affected.
SOLUTION: Update to version 3.0.3. http://kb.netgear.com/app/answers/detail/a_id/12199
PROVIDED AND/OR DISCOVERED BY: Laurent Butti from France Telecom / Orange
ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/current/0070.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200911-0002",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wndap330",
"scope": "eq",
"trust": 2.0,
"vendor": "netgear",
"version": "2.1.11"
},
{
"model": "ar9160-bc1a chipset",
"scope": "eq",
"trust": 1.1,
"vendor": "atheros",
"version": "*"
},
{
"model": "ar9160-bc1a chipset",
"scope": null,
"trust": 0.8,
"vendor": "atheros",
"version": null
},
{
"model": "wndap330",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "wndap330",
"scope": "eq",
"trust": 0.8,
"vendor": "net gear",
"version": "2.1.11 and 3.0.3 other"
},
{
"model": "wndap330",
"scope": "ne",
"trust": 0.3,
"vendor": "netgear",
"version": "3.0.3"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-0052"
},
{
"db": "BID",
"id": "36991"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003170"
},
{
"db": "NVD",
"id": "CVE-2009-0052"
},
{
"db": "CNNVD",
"id": "CNNVD-200911-144"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netgear:wndap330_firmware:2.1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:wndap330:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:atheros:ar9160-bc1a_chipset:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0052"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Laurent Butti",
"sources": [
{
"db": "BID",
"id": "36991"
},
{
"db": "PACKETSTORM",
"id": "82665"
},
{
"db": "CNNVD",
"id": "CNNVD-200911-144"
}
],
"trust": 1.0
},
"cve": "CVE-2009-0052",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.1,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 5.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-0052",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.1,
"id": "VHN-37498",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-0052",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200911-144",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-37498",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2009-0052",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37498"
},
{
"db": "VULMON",
"id": "CVE-2009-0052"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003170"
},
{
"db": "NVD",
"id": "CVE-2009-0052"
},
{
"db": "CNNVD",
"id": "CNNVD-200911-144"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame. NETGEAR WNDAP330 is prone to a denial-of-service vulnerability because it fails to properly parse malformed reserved management frames. \nSuccessful exploits will cause the affected device to crash or reboot, denying service to legitimate users. \nWNDAP330 with firmware 2.1.11 is vulnerable. \n\nAssigned CVE:\n-------------\n* CVE-2009-0052\n\nDetails:\n--------\n* The bug can be triggered by a malicious reserved management frame sent\nto the wireless access point (truncated packet). This can be achieved\nonly after a successful 802.11 authentication (in \"Open\" mode according\nto the configuration of the wireless access point) and a successful\n802.11 association with appropriate security parameters (e.g. WPA w/\nTKIP unicast, TKIP multicast) which depends on the configuration of the\nwireless access point. Any other wireless device relying\non this vulnerable wireless driver is likely to be vulnerable. \n\nCredits:\n--------\n* This vulnerability was discovered by Laurent Butti from France Telecom\n/ Orange\n. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nNetgear WNDAP330 Management Frame Denial of Service\n\nSECUNIA ADVISORY ID:\nSA37344\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37344/\n\nDESCRIPTION:\nA vulnerability has been reported in Netgear WNDAP330, which can be\nexploited by malicious people to cause a DoS (Denial of Service). \n\nThe vulnerability is caused due to an unspecified error in the\nparsing of management frames, which can be exploited to reboot or\nhang an affected device. \n\nThe vulnerability is reported in firmware version 2.1.11. Other\nversions may also be affected. \n\nSOLUTION:\nUpdate to version 3.0.3. \nhttp://kb.netgear.com/app/answers/detail/a_id/12199\n\nPROVIDED AND/OR DISCOVERED BY:\nLaurent Butti from France Telecom / Orange\n\nORIGINAL ADVISORY:\nhttp://archives.neohapsis.com/archives/bugtraq/current/0070.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0052"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003170"
},
{
"db": "BID",
"id": "36991"
},
{
"db": "VULHUB",
"id": "VHN-37498"
},
{
"db": "VULMON",
"id": "CVE-2009-0052"
},
{
"db": "PACKETSTORM",
"id": "82665"
},
{
"db": "PACKETSTORM",
"id": "82583"
}
],
"trust": 2.25
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-37498",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37498"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-0052",
"trust": 3.0
},
{
"db": "BID",
"id": "36991",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "37344",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "59880",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2009-3212",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003170",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200911-144",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20091110 ATHEROS DRIVER RESERVED FRAME VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "54216",
"trust": 0.6
},
{
"db": "XF",
"id": "330",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "82665",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-37498",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2009/3212",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2009-0052",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82583",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37498"
},
{
"db": "VULMON",
"id": "CVE-2009-0052"
},
{
"db": "BID",
"id": "36991"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003170"
},
{
"db": "PACKETSTORM",
"id": "82665"
},
{
"db": "PACKETSTORM",
"id": "82583"
},
{
"db": "NVD",
"id": "CVE-2009-0052"
},
{
"db": "CNNVD",
"id": "CNNVD-200911-144"
}
]
},
"id": "VAR-200911-0002",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-37498"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:35:27.772000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.atheros.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.netgear.com/"
},
{
"title": "wifuzzit",
"trust": 0.1,
"url": "https://github.com/0xd012/wifuzzit "
},
{
"title": "wifuzzit",
"trust": 0.1,
"url": "https://github.com/flowerhack/wifuzzit "
},
{
"title": "wifuzzit",
"trust": 0.1,
"url": "https://github.com/84kaliplexon3/wifuzzit "
},
{
"title": "wifuzzit",
"trust": 0.1,
"url": "https://github.com/plexone2019/wifuzzit "
},
{
"title": "wifuzzit",
"trust": 0.1,
"url": "https://github.com/wi-fi-analyzer/wifuzzit "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-0052"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003170"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0052"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/36991"
},
{
"trust": 1.8,
"url": "http://www.osvdb.org/59880"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/37344"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2009/3212"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/507777/100/0/threaded"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54216"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0052"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0052"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/54216"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/507777/100/0/threaded"
},
{
"trust": 0.4,
"url": "http://archives.neohapsis.com/archives/bugtraq/current/0070.html"
},
{
"trust": 0.4,
"url": "http://kb.netgear.com/app/answers/detail/a_id/12199"
},
{
"trust": 0.3,
"url": "http://www.netgear.com"
},
{
"trust": 0.3,
"url": "/archive/1/507777"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xd012/wifuzzit"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0052"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37344/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37498"
},
{
"db": "VULMON",
"id": "CVE-2009-0052"
},
{
"db": "BID",
"id": "36991"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003170"
},
{
"db": "PACKETSTORM",
"id": "82665"
},
{
"db": "PACKETSTORM",
"id": "82583"
},
{
"db": "NVD",
"id": "CVE-2009-0052"
},
{
"db": "CNNVD",
"id": "CNNVD-200911-144"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-37498"
},
{
"db": "VULMON",
"id": "CVE-2009-0052"
},
{
"db": "BID",
"id": "36991"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003170"
},
{
"db": "PACKETSTORM",
"id": "82665"
},
{
"db": "PACKETSTORM",
"id": "82583"
},
{
"db": "NVD",
"id": "CVE-2009-0052"
},
{
"db": "CNNVD",
"id": "CNNVD-200911-144"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-11-12T00:00:00",
"db": "VULHUB",
"id": "VHN-37498"
},
{
"date": "2009-11-12T00:00:00",
"db": "VULMON",
"id": "CVE-2009-0052"
},
{
"date": "2009-11-11T00:00:00",
"db": "BID",
"id": "36991"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003170"
},
{
"date": "2009-11-17T01:44:34",
"db": "PACKETSTORM",
"id": "82665"
},
{
"date": "2009-11-16T09:28:42",
"db": "PACKETSTORM",
"id": "82583"
},
{
"date": "2009-11-12T23:30:00.577000",
"db": "NVD",
"id": "CVE-2009-0052"
},
{
"date": "2009-11-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200911-144"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-37498"
},
{
"date": "2018-10-11T00:00:00",
"db": "VULMON",
"id": "CVE-2009-0052"
},
{
"date": "2010-07-21T19:16:00",
"db": "BID",
"id": "36991"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003170"
},
{
"date": "2018-10-11T20:59:49.343000",
"db": "NVD",
"id": "CVE-2009-0052"
},
{
"date": "2009-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200911-144"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200911-144"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Atheros AR9160-BC1A On chipset Netgear WNDAP330 Wi-Fi Used by access points Atheros Service disruption in wireless drivers (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003170"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200911-144"
}
],
"trust": 0.6
}
}
VAR-200809-0452
Vulnerability from variot - Updated: 2023-12-18 13:04The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long. Atheros AR5416-AC1E On chipset Linksys WRT350N Wi-Fi The access point driver is responsible for the association request. Atheros Communications AR5416-AC1E is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to crash the affected device that uses the chipset, denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. Atheros AR5416-AC1E included in Linksys WRT35ON wireless router running firmware 2.00.17 is vulnerable; other devices running different firmware may also be affected. Linksys WRT350N is a popular wireless broadband router. Cause a denial of service or execute arbitrary commands. This information element is used by wireless devices to advertise Atheros specific capabilities. This can be achieved only after a successful 802.11 authentication (in "Open" or "Shared" mode according to the configuration of the wireless access point). This security vulnerability was reported to Linksys, updated firmwares should be available on their web site. Any other wireless device relying on this vulnerable wireless driver is likely to be vulnerable.
Credits:
- This vulnerability was discovered by Laurent Butti and Julien Tinnes from France Telecom / Orange
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200809-0452",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ar5416-ac1e chipset",
"scope": null,
"trust": 1.4,
"vendor": "atheros",
"version": null
},
{
"model": "ar5416-ac1e chipset",
"scope": "eq",
"trust": 1.1,
"vendor": "atheros",
"version": "*"
},
{
"model": "wrt350n",
"scope": "eq",
"trust": 1.1,
"vendor": "linksys",
"version": "2.00.17"
},
{
"model": "wrt350n",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "firmware 2.00.17"
},
{
"model": "wrt350n",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.0.17"
},
{
"model": "communications ar5416-ac1e",
"scope": "eq",
"trust": 0.3,
"vendor": "atheros",
"version": "0"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5474"
},
{
"db": "BID",
"id": "31012"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002531"
},
{
"db": "NVD",
"id": "CVE-2007-5474"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-083"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:atheros:ar5416-ac1e_chipset:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:wrt350n:2.00.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5474"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Laurent Butti\u203b laurent.butti@orange-ftgroup.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200809-083"
}
],
"trust": 0.6
},
"cve": "CVE-2007-5474",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-5474",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-28836",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-5474",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200809-083",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-28836",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2007-5474",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28836"
},
{
"db": "VULMON",
"id": "CVE-2007-5474"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002531"
},
{
"db": "NVD",
"id": "CVE-2007-5474"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-083"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long. Atheros AR5416-AC1E On chipset Linksys WRT350N Wi-Fi The access point driver is responsible for the association request. Atheros Communications AR5416-AC1E is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied data. \nAttackers can exploit this issue to crash the affected device that uses the chipset, denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. \nAtheros AR5416-AC1E included in Linksys WRT35ON wireless router running firmware 2.00.17 is vulnerable; other devices running different firmware may also be affected. Linksys WRT350N is a popular wireless broadband router. Cause a denial of service or execute arbitrary commands. This\ninformation element is used by wireless devices to advertise Atheros\nspecific capabilities. This can be achieved only after a successful 802.11\nauthentication (in \"Open\" or \"Shared\" mode according to the\nconfiguration of the wireless access point). \nThis security vulnerability was reported to Linksys, updated firmwares\nshould be available on their web site. Any other wireless device relying\non this vulnerable wireless driver is likely to be vulnerable. \n\nCredits:\n--------\n* This vulnerability was discovered by Laurent Butti and Julien Tinnes\nfrom France Telecom / Orange\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5474"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002531"
},
{
"db": "BID",
"id": "31012"
},
{
"db": "VULHUB",
"id": "VHN-28836"
},
{
"db": "VULMON",
"id": "CVE-2007-5474"
},
{
"db": "PACKETSTORM",
"id": "69634"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-28836",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28836"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-5474",
"trust": 3.0
},
{
"db": "BID",
"id": "31012",
"trust": 2.1
},
{
"db": "SREASON",
"id": "4226",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002531",
"trust": 0.8
},
{
"db": "XF",
"id": "5416",
"trust": 0.6
},
{
"db": "XF",
"id": "44921",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20080904 ATHEROS VENDOR SPECIFIC INFORMATION ELEMENT OVERFLOW",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200809-083",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "69634",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-28836",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2007-5474",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28836"
},
{
"db": "VULMON",
"id": "CVE-2007-5474"
},
{
"db": "BID",
"id": "31012"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002531"
},
{
"db": "PACKETSTORM",
"id": "69634"
},
{
"db": "NVD",
"id": "CVE-2007-5474"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-083"
}
]
},
"id": "VAR-200809-0452",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-28836"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:04:46.632000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.atheros.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://home.cisco.com/en-apac/home"
},
{
"title": "wifuzzit",
"trust": 0.1,
"url": "https://github.com/0xd012/wifuzzit "
},
{
"title": "wifuzzit",
"trust": 0.1,
"url": "https://github.com/flowerhack/wifuzzit "
},
{
"title": "wifuzzit",
"trust": 0.1,
"url": "https://github.com/84kaliplexon3/wifuzzit "
},
{
"title": "wifuzzit",
"trust": 0.1,
"url": "https://github.com/plexone2019/wifuzzit "
},
{
"title": "wifuzzit",
"trust": 0.1,
"url": "https://github.com/wi-fi-analyzer/wifuzzit "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5474"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002531"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28836"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002531"
},
{
"db": "NVD",
"id": "CVE-2007-5474"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/31012"
},
{
"trust": 1.8,
"url": "http://securityreason.com/securityalert/4226"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/495984/100/0/threaded"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44921"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5474"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5474"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/44921"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/495984/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.atheros.com/"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
},
{
"trust": 0.3,
"url": "/archive/1/495984"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xd012/wifuzzit"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5474"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28836"
},
{
"db": "VULMON",
"id": "CVE-2007-5474"
},
{
"db": "BID",
"id": "31012"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002531"
},
{
"db": "PACKETSTORM",
"id": "69634"
},
{
"db": "NVD",
"id": "CVE-2007-5474"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-083"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-28836"
},
{
"db": "VULMON",
"id": "CVE-2007-5474"
},
{
"db": "BID",
"id": "31012"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002531"
},
{
"db": "PACKETSTORM",
"id": "69634"
},
{
"db": "NVD",
"id": "CVE-2007-5474"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-083"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-28836"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULMON",
"id": "CVE-2007-5474"
},
{
"date": "2008-09-04T00:00:00",
"db": "BID",
"id": "31012"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002531"
},
{
"date": "2008-09-04T18:10:05",
"db": "PACKETSTORM",
"id": "69634"
},
{
"date": "2008-09-05T16:08:00",
"db": "NVD",
"id": "CVE-2007-5474"
},
{
"date": "2008-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200809-083"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-28836"
},
{
"date": "2018-10-15T00:00:00",
"db": "VULMON",
"id": "CVE-2007-5474"
},
{
"date": "2008-09-04T19:14:00",
"db": "BID",
"id": "31012"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002531"
},
{
"date": "2018-10-15T21:45:12.157000",
"db": "NVD",
"id": "CVE-2007-5474"
},
{
"date": "2009-01-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200809-083"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200809-083"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Atheros AR5416-AC1E On chipset Linksys WRT350N Wi-Fi Denial of service operation in access point driver (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002531"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200809-083"
}
],
"trust": 0.6
}
}