CVE-2006-0226
FreeBSD - Remote Code Execution via Crafted 802.11 Beacon or Probe Response Frames
Title source: llmDescription
Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames.
References (9)
Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015518
Various Sources x_refsource_misc
http://kernelwars.blogspot.com/2007/01/alive.html
Various Sources x_refsource_misc
http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson
Various Sources vendor-advisory
x_refsource_freebsd
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:05.80211.asc
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24192
Vendor Advisory x_refsource_misc
http://www.signedness.org/advisories/sps-0x1.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/22537
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/16296
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18353
Scores
EPSS
0.1728
EPSS Percentile
95.1%
Details
Status
published
Products (1)
freebsd/freebsd
6.0 release (2 CPE variants)
Published
Jan 19, 2006
Tracked Since
Feb 18, 2026