CVE-2014-8321
HIGHaircrack-ng < 1.2 RC 1 - Local Privilege Escalation via GPS Tracker Buffer Overflow
Title source: llmDescription
Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors.
References (5)
Core 5
Core References
Product, Release Notes, Third Party Advisory x_refsource_confirm
http://aircrack-ng.blogspot.com/2014/10/aircrack-ng-12-release-candidate-1.html
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/128943/Aircrack-ng-1.2-Beta-3-DoS-Code-Execution.html
Patch, Third Party Advisory x_refsource_confirm
https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5/
Patch, Third Party Advisory x_refsource_misc
https://github.com/aircrack-ng/aircrack-ng/pull/13
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/98458
Scores
CVSS v3
7.8
EPSS
0.0081
EPSS Percentile
52.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (2)
aircrack-ng/aircrack-ng
1.2 beta1 (3 CPE variants)
aircrack-ng/aircrack-ng
< 1.1
Published
Jan 31, 2020
Tracked Since
Feb 18, 2026