‘Marvell Driver Malformed Association Request Vulnerability’

Published on October 20th, 2008
Summary

The wireless drivers in some Wi-Fi access points (such as the MARVELL-based Linksys WAP4400N) do not correctly parse some malformed 802.11 frames.’

Credit:

‘The information has been provided by Laurent Butti and Julien Tinnes.’


Details

Vulnerable Systems:
 * Linksys WAP4400N (firmware v1.2.14) with MARVELL 88W8361P-BEM1 chipset

The bug can be triggered thanks to a malformed association request which is typically too short (truncated). Any association request sent in the air by the attacker will be parsed by the access point wireless driver and thus may trigger some implementation bugs. This bug is only triggerable when the access point is in WEP mode and if the association request contains the WEP flag.

Impact:
Denial-of-service (reboot or hang-up) and possibly remote arbitrary code execution

CVE Information:
CVE-2008-4441

Categories: News
Tags:

Related Posts

Featured News

HUAWEI P30 with versions earlier than 10.1.0.160 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Featured News

HUAWEI P30 with versions earlier than 10.1.0.135 Improper Verification of Cryptographic Signature Vulnerability

Featured News

HUAWEI P30 smartphone versions 10.1.0.135 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability