Vulnerability Details CVE-2014-8321
Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
- http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html
- http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98458
- https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5/
- https://github.com/aircrack-ng/aircrack-ng/pull/13
- http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html
- http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98458
- https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5/
- https://github.com/aircrack-ng/aircrack-ng/pull/13
Products affected by CVE-2014-8321
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.1
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.2
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.2.1
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.3
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.4
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.4.1
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.4.2
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.4.3
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.4.4
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.5
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.6
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.6.1
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.6.2
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.7
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.8
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.9
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.9.1
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.9.2
-
cpe:2.3:a:aircrack-ng:aircrack-ng:0.9.3
-
cpe:2.3:a:aircrack-ng:aircrack-ng:1.0
-
cpe:2.3:a:aircrack-ng:aircrack-ng:1.1
-
cpe:2.3:a:aircrack-ng:aircrack-ng:1.2