Upstream information

CVE-2008-4395 at MITRE

Description

Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 8.3
Vector AV:A/AC:L/Au:N/C:C/I:C/A:C
Access Vector Adjacent Network
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 432461 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
Novell Linux Desktop 9 SDK for x86
  • km_ndiswrapper >= 1.1-4.7
  • ndiswrapper >= 1.1-4.7
core9.x86
sles9-nlpos.x86
core9.x86
sles9-oes.x86
sles9-nld.x86
YOU Patch Nr: 12315
Open Enterprise Server
  • km_ndiswrapper >= 1.1-4.7
core9.x86
sles9-nlpos.x86
core9.x86
sles9-oes.x86
sles9-nld.x86
YOU Patch Nr: 12315
SLES SDK 9 for x86
  • ndiswrapper >= 1.1-4.7
core9.x86
sles9-nlpos.x86
core9.x86
sles9-oes.x86
sles9-nld.x86
YOU Patch Nr: 12315
SUSE Linux Enterprise SDK 10 SP2
  • ndiswrapper >= 1.34-1.12
  • ndiswrapper-kmp-bigsmp >= 1.34_2.6.16.60_0.33-1.12
  • ndiswrapper-kmp-default >= 1.34_2.6.16.60_0.33-1.12
  • ndiswrapper-kmp-smp >= 1.34_2.6.16.60_0.33-1.12
sle10-sp2-sdk.x86-64
sles10-sp2-debuginfo.x86-64
sles10-sp2-debuginfo.x86
sle10-sp2-sdk.x86
sled10-sp2.x86
sled10-sp2.x86-64
ZYPP Patch Nr: 5834
SUSE Linux Enterprise SDK 10 SP2
  • ndiswrapper >= 1.34-1.12
  • ndiswrapper-kmp-default >= 1.34_2.6.16.60_0.33-1.12
  • ndiswrapper-kmp-smp >= 1.34_2.6.16.60_0.33-1.12
sle10-sp2-sdk.x86-64
sles10-sp2-debuginfo.x86-64
sles10-sp2-debuginfo.x86
sle10-sp2-sdk.x86
sled10-sp2.x86
sled10-sp2.x86-64
ZYPP Patch Nr: 5834
openSUSE 11.0
  • ndiswrapper-debuginfo >= 1.52-29.2
  • ndiswrapper-debugsource >= 1.52-29.2
openSUSE 11.0
  • ndiswrapper >= 1.52-29.2
  • ndiswrapper-kmp-default >= 1.52_2.6.25.18_0.2-29.2
  • ndiswrapper-kmp-pae >= 1.52_2.6.25.18_0.2-29.2
  • ndiswrapper-kmp-xen >= 1.52_2.6.25.18_0.2-29.2