Back to search
CVE-2007-5474
Published: Sep 5, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
31012
vdb-entry
x_refsource_BID
4226
third-party-advisory
x_refsource_SREASON
20080904 Atheros Vendor Specific Information Element Overflow
mailing-list
x_refsource_BUGTRAQ
atheros-as5416ac1e-associationrequest-dos(44921)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now