Buffer Overflow Vulnerability in NDISWrapper Module for Linux Kernel
CVE-2008-4395

Currently unrated

Key Information:

Vendor: Ubuntu
Status: Linux Kernel
Vendor: CVE Published:; 6 November 2008

What is CVE-2008-4395?

The NDISWrapper module version 1.53 for the Linux kernel 2.6 is susceptible to multiple buffer overflow vulnerabilities. These vulnerabilities can be exploited by remote attackers who send specially crafted packets over a local wireless network, allowing them to execute arbitrary code. The issue arises due to the handling of long Extended Service Set Identifiers (ESSIDs), which can lead to a breach of system integrity within the affected environments. It is crucial for users relying on this module to apply relevant patches and follow best practices regarding network security to mitigate the risks associated with this vulnerability.

References

http://www.mail-archive.com/frugalware-git%40frugalware.o...

mailing-listx_refsource_MLIST

https://exchange.xforce.ibmcloud.com/vulnerabilities/46437

vdb-entryx_refsource_XF

http://www.ubuntu.com/usn/usn-662-2

vendor-advisoryx_refsource_UBUNTU

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 6, 2008
Vulnerability Reserved
Oct 2, 2008

Ubuntu

What is CVE-2008-4395?

References

Timeline