CVE-2005-2627 - Remote vulnerability in Kismet

CVSS 7.5 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL

Summary

Multiple integer underflows in Kismet before 2005-08-R1 allow remote attackers to execute arbitrary code via (1) kernel headers in a pcap file or (2) data frame dissection, which leads to heap-based buffer overflows.

Nessus

  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-788.NASL
    description: Several security related problems have been discovered in kismet, a wireless 802.11b monitoring tool. The Common Vulnerabilities and Exposures project identifies the following problems:
      - CAN-2005-2626: Insecure handling of unprintable characters in the SSID.
      - CAN-2005-2627: Multiple integer underflows could allow remote attackers to execute arbitrary code.
      The old stable distribution (woody) does not seem to be affected by these problems.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 19531
    published: 2005-08-30
    reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/19531
    title: Debian DSA-788-1 : kismet - several vulnerabilities
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200508-10.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200508-10 (Kismet: Multiple vulnerabilities). Kismet is vulnerable to a heap overflow when handling pcap captures and to an integer underflow in the CDP protocol dissector.
      Impact: With a specially crafted packet an attacker could cause Kismet to execute arbitrary code with the rights of the user running the program.
      Workaround: There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 19472
    published: 2005-08-19
    reporter: This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/19472
    title: GLSA-200508-10 : Kismet: Multiple vulnerabilities