Denial of Service Vulnerability in Linksys WAP4400N by Marvell
CVE-2008-4441

Currently unrated

Key Information:

Vendor: Linksys
Status: Wap400n
Vendor: CVE Published:; 14 October 2008

Summary

The Marvell driver used in the Linksys WAP4400N Wi-Fi access point suffers from a vulnerability that occurs when WEP mode is enabled. It fails to properly parse malformed 802.11 frames, which allows remote attackers to trigger a denial of service condition. This can be executed through carefully crafted association requests that are significantly shorter than expected, leading to the device either rebooting or hanging. This issue highlights the need for vigilance in network device configurations and updates.

References

http://www.vupen.com/english/advisories/2008/2805

vdb-entryx_refsource_VUPEN

http://securityreason.com/securityalert/4400

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/497285/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Oct 14, 2008
Vulnerability Reserved
Oct 3, 2008