SayText function in Kismet 2.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters (backtick or pipe) in the essid argument.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kismet | kismet | 2.2 |
| kismet | kismet | 2.2.1 |
Unspecified vulnerability in Kismet before 2005-08-R1 allows remote attackers to have an unknown impact via unprintable characters in the SSID.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kismet | kismet | 2005-07_r1 |
| kismet | kismet | 2.8.0a |
| kismet | kismet | 2.8.0 |
| kismet | kismet | 2.6.0 |
| kismet | kismet | 2005-01_r1 |
| kismet | kismet | 2005-04_r1 |
| kismet | kismet | 2004-10_r1 |
| kismet | kismet | 2005-07_r1a |
| kismet | kismet | 2004-04_r1a |
| kismet | kismet | 2.4.6 |
| kismet | kismet | 2004-04_r1 |
| kismet | kismet | 2004-02_r1 |
| kismet | kismet | 2.8.1 |
| kismet | kismet | 2005-06_r1 |
| kismet | kismet | 2.4.5 |
| kismet | kismet | 2005-07_bsd |
Multiple integer underflows in Kismet before 2005-08-R1 allow remote attackers to execute arbitrary code via (1) kernel headers in a pcap file or (2) data frame dissection, which leads to heap-based buffer overflows.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kismet | kismet | 2005-07_r1 |
| kismet | kismet | 2.8.0a |
| kismet | kismet | 2.8.0 |
| kismet | kismet | 2.6.0 |
| kismet | kismet | 2005-01_r1 |
| kismet | kismet | 2005-04_r1 |
| kismet | kismet | 2004-10_r1 |
| kismet | kismet | 2005-07_r1a |
| kismet | kismet | 2004-04_r1a |
| kismet | kismet | 2.4.6 |
| kismet | kismet | 2004-04_r1 |
| kismet | kismet | 2004-02_r1 |
| kismet | kismet | 2.8.1 |
| kismet | kismet | 2005-06_r1 |
| kismet | kismet | 2.4.5 |
| kismet | kismet | 2005-07_bsd |