Laurent Butti

8 exploits, active since Nov 2006
CVE-2013-4074 METASPLOIT ruby WORKING POC
Wireshark 1.6.x-1.6.16 and 1.8.x-1.8.8 - Denial of Service in CAPWAP Dissector
The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2006-6059 EXPLOITDB ruby WORKING POC
NetGear MA521 Driver < 5.148.724.2003 - Buffer Overflow via Long Supported Rates Information Element
Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear MA521 PCMCIA adapter allows remote attackers to execute arbitrary code via (1) beacon or (2) probe 802.11 frame responses with a long supported rates information element. NOTE: this issue was reported as a "memory corruption" error, but the associated exploit code suggests that it is a buffer overflow.
CVE-2006-6125 EXPLOITDB ruby WORKING POC
NetGear WG311v1 - Heap-Based Buffer Overflow via 802.11 Management Frame with Long SSID
Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1.10 for NetGear WG311v1 wireless adapter allows remote attackers to execute arbitrary code via an 802.11 management frame with a long SSID.
CVE-2013-4074 EXPLOITDB ruby WORKING POC
Wireshark 1.6.x-1.6.16 and 1.8.x-1.8.8 - Denial of Service in CAPWAP Dissector
The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2012-3826 EXPLOITDB text WORKING POC
Wireshark 1.4.x < 1.4.13 and 1.6.x < 1.6.8 - Denial of Service via R3 Dissector Integer Underflow
Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.
CVE-2006-6332 EXPLOITDB ruby WORKING POC
MadWifi - Stack-Based Buffer Overflow in IEEE80211 Wireless Component
Stack-based buffer overflow in net80211/ieee80211_wireless.c in MadWifi before 0.9.2.1 allows remote attackers to execute arbitrary code via unspecified vectors, related to the encode_ie and giwscan_cb functions.
CVE-2006-6332 EXPLOITDB ruby WORKING POC
MadWifi - Stack-Based Buffer Overflow in IEEE80211 Wireless Component
Stack-based buffer overflow in net80211/ieee80211_wireless.c in MadWifi before 0.9.2.1 allows remote attackers to execute arbitrary code via unspecified vectors, related to the encode_ie and giwscan_cb functions.
CVE-2012-0067 EXPLOITDB text WRITEUP
Wireshark 1.4.x-1.4.10 and 1.6.x-1.6.4 - Denial of Service via Long Packet in AIX iptrace File
wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file.