Published: 06/11/2008 Updated: 08/08/2017
CVSS v2 Base Score: 8.3 | Impact Score: 10 | Exploitability Score: 6.5
VMScore: 739
Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote malicious users to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs.

Vendor Advisories

USN-662-1 fixed vulnerabilities in ndiswrapper in Ubuntu 810 This update provides the corresponding updates for Ubuntu 804 and 710 ...
Debian Bug report logs - #504696 ndiswrapper-source: longs ESSIDs can expose security vulnerability Package: ndiswrapper-source; Maintainer for ndiswrapper-source is Julian Andres Klode <jak@debianorg>; Source for ndiswrapper-source is src:ndiswrapper (PTS, buildd, popcon) Reported by: Kel Modderman <kel@otaku42de> ...
It was discovered that the Linux kernel could be made to hang temporarily when mounting corrupted ext2/3 filesystems If a user were tricked into mounting a specially crafted filesystem, a remote attacker could cause system hangs, leading to a denial of service (CVE-2008-3528) ...