CVE-2006-7180 - Vulnerability Details - OpenCVE

ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of service (disrupted authentication) and conduct spoofing attacks.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Madwifi	Madwifi

Configuration 1 [-]

cpe:2.3:a:madwifi:madwifi:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://madwifi.org/ticket/967
http://madwifi.org/wiki/Releases/0.9.3
http://secunia.com/advisories/24670
http://secunia.com/advisories/24841
http://secunia.com/advisories/24931
http://secunia.com/advisories/25861
http://secunia.com/advisories/26083
http://security.gentoo.org/glsa/glsa-200704-15.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:082
http://www.novell.com/linux/security/advisories/2007_14_sr.html
http://www.securityfocus.com/archive/1/466689/30/6900/threaded
http://www.securityfocus.com/bid/23434
http://www.ubuntu.com/usn/usn-479-1
http://www.vupen.com/english/advisories/2007/1187
https://exchange.xforce.ibmcloud.com/vulnerabilities/33514

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-30T01:00:00

Updated: 2024-08-07T20:57:40.091Z

Reserved: 2007-03-29T00:00:00

Link: CVE-2006-7180

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-03-30T01:19:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2006-7180

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-10-19T00:00:00", "descriptions": [{"lang": "en", "value": "ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of service (disrupted authentication) and conduct spoofing attacks."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "USN-479-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-479-1"}, {"name": "MDKSA-2007:082", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:082"}, {"name": "24670", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24670"}, {"name": "24931", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24931"}, {"name": "26083", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26083"}, {"name": "ADV-2007-1187", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1187"}, {"name": "SUSE-SR:2007:014", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://madwifi.org/ticket/967"}, {"name": "madwifi-wpa-weak-security(33514)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33514"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://madwifi.org/wiki/Releases/0.9.3"}, {"name": "24841", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24841"}, {"name": "20070423 FLEA-2007-0012-1: madwifi", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/466689/30/6900/threaded"}, {"name": "GLSA-200704-15", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200704-15.xml"}, {"name": "25861", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25861"}, {"name": "23434", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23434"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2006-7180", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of service (disrupted authentication) and conduct spoofing attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "USN-479-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-479-1"}, {"name": "MDKSA-2007:082", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:082"}, {"name": "24670", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24670"}, {"name": "24931", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24931"}, {"name": "26083", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26083"}, {"name": "ADV-2007-1187", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1187"}, {"name": "SUSE-SR:2007:014", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"}, {"name": "http://madwifi.org/ticket/967", "refsource": "CONFIRM", "url": "http://madwifi.org/ticket/967"}, {"name": "madwifi-wpa-weak-security(33514)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33514"}, {"name": "http://madwifi.org/wiki/Releases/0.9.3", "refsource": "CONFIRM", "url": "http://madwifi.org/wiki/Releases/0.9.3"}, {"name": "24841", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24841"}, {"name": "20070423 FLEA-2007-0012-1: madwifi", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/466689/30/6900/threaded"}, {"name": "GLSA-200704-15", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200704-15.xml"}, {"name": "25861", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25861"}, {"name": "23434", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23434"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:57:40.091Z"}, "title": "CVE Program Container", "references": [{"name": "USN-479-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-479-1"}, {"name": "MDKSA-2007:082", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:082"}, {"name": "24670", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24670"}, {"name": "24931", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24931"}, {"name": "26083", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26083"}, {"name": "ADV-2007-1187", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1187"}, {"name": "SUSE-SR:2007:014", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://madwifi.org/ticket/967"}, {"name": "madwifi-wpa-weak-security(33514)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33514"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://madwifi.org/wiki/Releases/0.9.3"}, {"name": "24841", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24841"}, {"name": "20070423 FLEA-2007-0012-1: madwifi", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/466689/30/6900/threaded"}, {"name": "GLSA-200704-15", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200704-15.xml"}, {"name": "25861", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25861"}, {"name": "23434", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23434"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-7180", "datePublished": "2007-03-30T01:00:00", "dateReserved": "2007-03-29T00:00:00", "dateUpdated": "2024-08-07T20:57:40.091Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:madwifi:madwifi:*:*:*:*:*:*:*:*", "matchCriteriaId": "6960E4C4-F392-47FD-B334-6F840CE977EF", "versionEndIncluding": "0.9.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of service (disrupted authentication) and conduct spoofing attacks."}, {"lang": "es", "value": "El archivo ieee80211_output.c en MadWifi versiones anteriores a 0.9.3, env\u00eda paquetes sin cifrar antes de que la autenticaci\u00f3n WPA tenga \u00e9xito, lo que permite a atacantes remotos obtener informaci\u00f3n (relacionada con la estructura de la red), y posiblemente causar una denegaci\u00f3n de servicio (autenticaci\u00f3n interrumpida) y conducir ataques de suplantaci\u00f3n de identidad."}], "id": "CVE-2006-7180", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-30T01:19:00.000", "references": [{"source": "[email protected]", "url": "http://madwifi.org/ticket/967"}, {"source": "[email protected]", "url": "http://madwifi.org/wiki/Releases/0.9.3"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/24670"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/24841"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/24931"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/25861"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/26083"}, {"source": "[email protected]", "url": "http://security.gentoo.org/glsa/glsa-200704-15.xml"}, {"source": "[email protected]", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:082"}, {"source": "[email protected]", "url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/archive/1/466689/30/6900/threaded"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/bid/23434"}, {"source": "[email protected]", "url": "http://www.ubuntu.com/usn/usn-479-1"}, {"source": "[email protected]", "url": "http://www.vupen.com/english/advisories/2007/1187"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33514"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://madwifi.org/ticket/967"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://madwifi.org/wiki/Releases/0.9.3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24670"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24841"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24931"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25861"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26083"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200704-15.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:082"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/466689/30/6900/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/23434"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-479-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1187"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33514"}], "sourceIdentifier": "[email protected]", "vendorComments": [{"comment": "Not vulnerable. The MadWiFi wireless driver is not shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.", "lastModified": "2007-04-17T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "[email protected]", "type": "Primary"}]}