Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for wn802t by netgear

    VAR-200809-0311

    Vulnerability from variot - Updated: 2025-04-10 22:07

    The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length.". The NETGEAR WN802T wireless access point is prone to a denial-of-service vulnerability because it fails to adequately handle long key lengths in EAPoL packets. Successful exploits will deny service to legitimate users. Given the nature of this issue, remote code execution may be possible, but this has not been confirmed. NETGEAR WN802T firmware 1.3.16 with the MARVELL 88W8361P-BEM1 chipset is vulnerable. Other devices running this Marvell chipset may also be affected. This packet is used for unicast/multicast key derivation (which are called 4-way handshake and group key handshake) of any secure wireless connection (WPA-PSK, WPA2-PSK, WPA-EAP, WPA2-EAP). This can be achieved only after a successful 802.11 authentication (in "Open" mode according to the configuration of the wireless access point) and a successful 802.11 association with appropriate security parameters (e.g. WPA w/ TKIP unicast, TKIP multicast) which depends on the configuration of the wireless access point. This security vulnerability was reported to Netgear, updated firmwares should be available on their web site. Any other wireless device relying on this vulnerable wireless driver is likely to be vulnerable.

    Credits:

    • This vulnerability was discovered by Laurent Butti and Julien Tinnes from France Telecom / Orange .

    1) An error exists in the processing of SSID information included in association requests. This can be exploited to reboot or hang-up the device by sending a specially crafted association request.

    2) An error in the processing of EAPoL-Key packets can be exploited to reboot or hang-up a device by sending a specially crafted EAPoL-Key packet containing an overly large "length" value.

    The vulnerabilities are reported in firmware version 1.3.16. Other versions may also be affected.

    SOLUTION: Use the device only in a trusted network environment.

    PROVIDED AND/OR DISCOVERED BY: Laurent Butti and Julien Tinnes, France Telecom / Orange

    ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2008-09/0048.html http://archives.neohapsis.com/archives/bugtraq/2008-09/0049.html


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "wn802t",
            "scope": "eq",
            "trust": 2.0,
            "vendor": "netgear",
            "version": "1.3.16"
          },
          {
            "_id": null,
            "model": "88w8361w-bem1",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "marvell",
            "version": "*"
          },
          {
            "_id": null,
            "model": "88w8361w-bem1",
            "scope": null,
            "trust": 0.8,
            "vendor": "marvell",
            "version": null
          },
          {
            "_id": null,
            "model": "wn802t",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "net gear",
            "version": "1.3.16"
          },
          {
            "_id": null,
            "model": "semiconductor 88w8361p-bem1 chipset",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "marvell",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2008-1144"
          },
          {
            "db": "BID",
            "id": "31013"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004185"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-084"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1144"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:marvell:88w8361w-bem1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:netgear:wn802t",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004185"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Laurent Butti\u203b laurent.butti@orange-ftgroup.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-084"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-1144",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2008-1144",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "VHN-31269",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2008-1144",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2008-1144",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200809-084",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-31269",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2008-1144",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31269"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004185"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-084"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1144"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted \"advertised length.\". The NETGEAR WN802T wireless access point is prone to a denial-of-service vulnerability because it fails to adequately handle long key lengths in EAPoL packets. \nSuccessful exploits will deny service to legitimate users. Given the nature of this issue, remote code execution may be possible, but this has not been confirmed. \nNETGEAR WN802T firmware 1.3.16 with the MARVELL 88W8361P-BEM1 chipset is vulnerable. Other devices running this Marvell chipset may also be affected. This packet is used for unicast/multicast key derivation (which\nare called 4-way handshake and group key handshake) of any secure\nwireless connection (WPA-PSK, WPA2-PSK, WPA-EAP, WPA2-EAP). This can be achieved only after a successful\n802.11 authentication (in \"Open\" mode according to the configuration of\nthe wireless access point) and a successful 802.11 association with\nappropriate security parameters (e.g. WPA w/ TKIP unicast, TKIP\nmulticast) which depends on the configuration of the wireless access point. \nThis security vulnerability was reported to Netgear, updated firmwares\nshould be available on their web site. Any other wireless device relying\non this vulnerable wireless driver is likely to be vulnerable. \n\nCredits:\n--------\n* This vulnerability was discovered by Laurent Butti and Julien Tinnes\nfrom France Telecom / Orange\n. \n\n1) An error exists in the processing of SSID information included in\nassociation requests. This can be exploited to reboot or hang-up the\ndevice by sending a specially crafted association request. \n\n2) An error in the processing of EAPoL-Key packets can be exploited\nto reboot or hang-up a device by sending a specially crafted\nEAPoL-Key packet containing an overly large \"length\" value. \n\nThe vulnerabilities are reported in firmware version 1.3.16. Other\nversions may also be affected. \n\nSOLUTION:\nUse the device only in a trusted network environment. \n\nPROVIDED AND/OR DISCOVERED BY:\nLaurent Butti and Julien Tinnes, France Telecom / Orange\n\nORIGINAL ADVISORY:\nhttp://archives.neohapsis.com/archives/bugtraq/2008-09/0048.html\nhttp://archives.neohapsis.com/archives/bugtraq/2008-09/0049.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-1144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004185"
          },
          {
            "db": "BID",
            "id": "31013"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31269"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1144"
          },
          {
            "db": "PACKETSTORM",
            "id": "69626"
          },
          {
            "db": "PACKETSTORM",
            "id": "69658"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-1144",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "31013",
            "trust": 2.1
          },
          {
            "db": "SECUNIA",
            "id": "31770",
            "trust": 1.9
          },
          {
            "db": "SREASON",
            "id": "4227",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004185",
            "trust": 0.8
          },
          {
            "db": "BUGTRAQ",
            "id": "20080904 MARVELL DRIVER EAPOL-KEY LENGTH OVERFLOW",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "44919",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "802",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-084",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "69626",
            "trust": 0.2
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-31269",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1144",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "69658",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-31269"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1144"
          },
          {
            "db": "BID",
            "id": "31013"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004185"
          },
          {
            "db": "PACKETSTORM",
            "id": "69626"
          },
          {
            "db": "PACKETSTORM",
            "id": "69658"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-084"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1144"
          }
        ]
      },
      "id": "VAR-200809-0311",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-31269"
          }
        ],
        "trust": 0.02
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "network device"
            ],
            "sub_category": "Wi-Fi access point",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-04-10T22:07:58.683000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.marvell.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.netgear.com/home/"
          },
          {
            "title": "wifuzzit",
            "trust": 0.1,
            "url": "https://github.com/0xd012/wifuzzit "
          },
          {
            "title": "wifuzzit",
            "trust": 0.1,
            "url": "https://github.com/flowerhack/wifuzzit "
          },
          {
            "title": "wifuzzit",
            "trust": 0.1,
            "url": "https://github.com/84KaliPleXon3/wifuzzit "
          },
          {
            "title": "wifuzzit",
            "trust": 0.1,
            "url": "https://github.com/PleXone2019/wifuzzit "
          },
          {
            "title": "wifuzzit",
            "trust": 0.1,
            "url": "https://github.com/wi-fi-analyzer/wifuzzit "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2008-1144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004185"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31269"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004185"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1144"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.9,
            "url": "http://www.securityfocus.com/bid/31013"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/31770"
          },
          {
            "trust": 1.8,
            "url": "http://securityreason.com/securityalert/4227"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/archive/1/495982/100/0/threaded"
          },
          {
            "trust": 1.2,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44919"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1144"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1144"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/44919"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/495982/100/0/threaded"
          },
          {
            "trust": 0.3,
            "url": "http://www.marvell.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.netgear.com"
          },
          {
            "trust": 0.3,
            "url": "http://kbserver.netgear.com/products/wn802t.asp"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/495982"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/0xd012/wifuzzit"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1144"
          },
          {
            "trust": 0.1,
            "url": "http://archives.neohapsis.com/archives/bugtraq/2008-09/0049.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/19749/"
          },
          {
            "trust": 0.1,
            "url": "http://archives.neohapsis.com/archives/bugtraq/2008-09/0048.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/corporate/jobs/open_positions/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/31770/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-31269"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1144"
          },
          {
            "db": "BID",
            "id": "31013"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004185"
          },
          {
            "db": "PACKETSTORM",
            "id": "69626"
          },
          {
            "db": "PACKETSTORM",
            "id": "69658"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-084"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1144"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "OTHER",
            "id": null,
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-31269",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1144",
            "ident": null
          },
          {
            "db": "BID",
            "id": "31013",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004185",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "69626",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "69658",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-084",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1144",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2008-09-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31269",
            "ident": null
          },
          {
            "date": "2008-09-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2008-1144",
            "ident": null
          },
          {
            "date": "2008-09-04T00:00:00",
            "db": "BID",
            "id": "31013",
            "ident": null
          },
          {
            "date": "2012-09-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-004185",
            "ident": null
          },
          {
            "date": "2008-09-04T17:17:26",
            "db": "PACKETSTORM",
            "id": "69626",
            "ident": null
          },
          {
            "date": "2008-09-05T15:36:36",
            "db": "PACKETSTORM",
            "id": "69658",
            "ident": null
          },
          {
            "date": "2008-09-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-084",
            "ident": null
          },
          {
            "date": "2008-09-05T16:08:00",
            "db": "NVD",
            "id": "CVE-2008-1144",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-10-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31269",
            "ident": null
          },
          {
            "date": "2018-10-11T00:00:00",
            "db": "VULMON",
            "id": "CVE-2008-1144",
            "ident": null
          },
          {
            "date": "2008-09-04T19:34:00",
            "db": "BID",
            "id": "31013",
            "ident": null
          },
          {
            "date": "2012-09-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-004185",
            "ident": null
          },
          {
            "date": "2009-01-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-084",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2008-1144",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-084"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Netgear WN802T Wi-Fi Access point  Marvell Service disruption in drivers  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004185"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "input validation",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-084"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200809-0004

    Vulnerability from variot - Updated: 2025-04-10 20:50

    The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID.". The NETGEAR WN802T wireless access point is prone to a denial-of-service vulnerability because it fails to adequately verify user-supplied input. Attackers can exploit this issue to hang or reboot the device, denying service to legitimate users. The NETGEAR WN802T wireless access point running firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset is vulnerable. Other devices running this Marvell chipset may also be affected. Most information elements are used by the wireless access point and clients to advertise their capabilities (regarding rates, network name, cryptographic capabilities...). More precisely, the SSID is used by the access point to validate that the wireless client intends to connect to the appropriate SSID.

    Assigned CVE:

    • CVE-2008-1197

    Details:

    • The bug can be triggered by a malicious association request to the wireless access point with a Null SSID. This can be achieved only after a successful 802.11 authentication (in "Open" or "Shared" mode according to the configuration of the wireless access point). This security vulnerability was reported to Netgear, updated firmwares should be available on their web site. Any other wireless device relying on this vulnerable wireless driver is likely to be vulnerable.

    Credits:

    • This vulnerability was discovered by Laurent Butti and Julien Tinnes from France Telecom / Orange .

    1) An error exists in the processing of SSID information included in association requests. This can be exploited to reboot or hang-up the device by sending a specially crafted association request.

    2) An error in the processing of EAPoL-Key packets can be exploited to reboot or hang-up a device by sending a specially crafted EAPoL-Key packet containing an overly large "length" value.

    The vulnerabilities are reported in firmware version 1.3.16. Other versions may also be affected.

    SOLUTION: Use the device only in a trusted network environment.

    PROVIDED AND/OR DISCOVERED BY: Laurent Butti and Julien Tinnes, France Telecom / Orange

    ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2008-09/0048.html http://archives.neohapsis.com/archives/bugtraq/2008-09/0049.html


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "wn802t",
            "scope": "eq",
            "trust": 2.0,
            "vendor": "netgear",
            "version": "1.3.16"
          },
          {
            "_id": null,
            "model": "88w8361w-bem1",
            "scope": null,
            "trust": 1.4,
            "vendor": "marvell",
            "version": null
          },
          {
            "_id": null,
            "model": "88w8361w-bem1",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "marvell",
            "version": "*"
          },
          {
            "_id": null,
            "model": "wn802t",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "net gear",
            "version": "1.3.16"
          },
          {
            "_id": null,
            "model": "semiconductor 88w8361p-bem1 chipset",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "marvell",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2008-1197"
          },
          {
            "db": "BID",
            "id": "30976"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-085"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1197"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:marvell:88w8361w-bem1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:netgear:wn802t",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004191"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Laurent Butti\u203b laurent.butti@orange-ftgroup.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-085"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-1197",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2008-1197",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "VHN-31322",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2008-1197",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2008-1197",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200809-085",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-31322",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2008-1197",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31322"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1197"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-085"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1197"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a \"Null SSID.\". The NETGEAR WN802T wireless access point is prone to a denial-of-service vulnerability because it fails to adequately verify user-supplied input. \nAttackers can exploit this issue to hang or reboot the device, denying service to legitimate users. \nThe NETGEAR WN802T wireless access point running firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset is vulnerable.  Other devices running this Marvell chipset may also be affected. Most information elements are\nused by the wireless access point and clients to advertise their\ncapabilities (regarding rates, network name, cryptographic\ncapabilities...). More precisely, the SSID is used by the access point\nto validate that the wireless client intends to connect to the\nappropriate SSID. \n\nAssigned CVE:\n-------------\n* CVE-2008-1197\n\nDetails:\n--------\n* The bug can be triggered by a malicious association request to the\nwireless access point with a Null SSID. This can be achieved only after\na successful 802.11 authentication (in \"Open\" or \"Shared\" mode according\nto the configuration of the wireless access point). \nThis security vulnerability was reported to Netgear, updated firmwares\nshould be available on their web site. Any other wireless device relying\non this vulnerable wireless driver is likely to be vulnerable. \n\nCredits:\n--------\n* This vulnerability was discovered by Laurent Butti and Julien Tinnes\nfrom France Telecom / Orange\n. \n\n1) An error exists in the processing of SSID information included in\nassociation requests. This can be exploited to reboot or hang-up the\ndevice by sending a specially crafted association request. \n\n2) An error in the processing of EAPoL-Key packets can be exploited\nto reboot or hang-up a device by sending a specially crafted\nEAPoL-Key packet containing an overly large \"length\" value. \n\nThe vulnerabilities are reported in firmware version 1.3.16. Other\nversions may also be affected. \n\nSOLUTION:\nUse the device only in a trusted network environment. \n\nPROVIDED AND/OR DISCOVERED BY:\nLaurent Butti and Julien Tinnes, France Telecom / Orange\n\nORIGINAL ADVISORY:\nhttp://archives.neohapsis.com/archives/bugtraq/2008-09/0048.html\nhttp://archives.neohapsis.com/archives/bugtraq/2008-09/0049.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-1197"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004191"
          },
          {
            "db": "BID",
            "id": "30976"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31322"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1197"
          },
          {
            "db": "PACKETSTORM",
            "id": "69627"
          },
          {
            "db": "PACKETSTORM",
            "id": "69658"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-1197",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "30976",
            "trust": 2.1
          },
          {
            "db": "SECUNIA",
            "id": "31770",
            "trust": 1.9
          },
          {
            "db": "SREASON",
            "id": "4215",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004191",
            "trust": 0.8
          },
          {
            "db": "BUGTRAQ",
            "id": "20080904 MARVELL DRIVER NULL SSID ASSOCIATION REQUEST VULNERABILITY",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "802",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "44918",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-085",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "69627",
            "trust": 0.2
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-31322",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1197",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "69658",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-31322"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1197"
          },
          {
            "db": "BID",
            "id": "30976"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004191"
          },
          {
            "db": "PACKETSTORM",
            "id": "69627"
          },
          {
            "db": "PACKETSTORM",
            "id": "69658"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-085"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1197"
          }
        ]
      },
      "id": "VAR-200809-0004",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-31322"
          }
        ],
        "trust": 0.02
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "network device"
            ],
            "sub_category": "Wi-Fi access point",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-04-10T20:50:30.248000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.marvell.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.netgear.com/home/"
          },
          {
            "title": "wifuzzit",
            "trust": 0.1,
            "url": "https://github.com/0xd012/wifuzzit "
          },
          {
            "title": "wifuzzit",
            "trust": 0.1,
            "url": "https://github.com/flowerhack/wifuzzit "
          },
          {
            "title": "wifuzzit",
            "trust": 0.1,
            "url": "https://github.com/84KaliPleXon3/wifuzzit "
          },
          {
            "title": "wifuzzit",
            "trust": 0.1,
            "url": "https://github.com/PleXone2019/wifuzzit "
          },
          {
            "title": "wifuzzit",
            "trust": 0.1,
            "url": "https://github.com/wi-fi-analyzer/wifuzzit "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2008-1197"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004191"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31322"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004191"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1197"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.9,
            "url": "http://www.securityfocus.com/bid/30976"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/31770"
          },
          {
            "trust": 1.8,
            "url": "http://securityreason.com/securityalert/4215"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/archive/1/495983/100/0/threaded"
          },
          {
            "trust": 1.2,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44918"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1197"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1197"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/44918"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/495983/100/0/threaded"
          },
          {
            "trust": 0.3,
            "url": "http://www.marvell.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.netgear.com"
          },
          {
            "trust": 0.3,
            "url": "http://kbserver.netgear.com/products/wn802t.asp"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/495983"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/0xd012/wifuzzit"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1197"
          },
          {
            "trust": 0.1,
            "url": "http://archives.neohapsis.com/archives/bugtraq/2008-09/0049.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/19749/"
          },
          {
            "trust": 0.1,
            "url": "http://archives.neohapsis.com/archives/bugtraq/2008-09/0048.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/corporate/jobs/open_positions/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/31770/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-31322"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1197"
          },
          {
            "db": "BID",
            "id": "30976"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004191"
          },
          {
            "db": "PACKETSTORM",
            "id": "69627"
          },
          {
            "db": "PACKETSTORM",
            "id": "69658"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-085"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1197"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "OTHER",
            "id": null,
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-31322",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-1197",
            "ident": null
          },
          {
            "db": "BID",
            "id": "30976",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004191",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "69627",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "69658",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-085",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1197",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2008-09-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31322",
            "ident": null
          },
          {
            "date": "2008-09-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2008-1197",
            "ident": null
          },
          {
            "date": "2008-09-04T00:00:00",
            "db": "BID",
            "id": "30976",
            "ident": null
          },
          {
            "date": "2012-09-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-004191",
            "ident": null
          },
          {
            "date": "2008-09-04T17:18:39",
            "db": "PACKETSTORM",
            "id": "69627",
            "ident": null
          },
          {
            "date": "2008-09-05T15:36:36",
            "db": "PACKETSTORM",
            "id": "69658",
            "ident": null
          },
          {
            "date": "2008-09-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-085",
            "ident": null
          },
          {
            "date": "2008-09-05T16:08:00",
            "db": "NVD",
            "id": "CVE-2008-1197",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-10-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31322",
            "ident": null
          },
          {
            "date": "2018-10-11T00:00:00",
            "db": "VULMON",
            "id": "CVE-2008-1197",
            "ident": null
          },
          {
            "date": "2008-09-04T19:24:00",
            "db": "BID",
            "id": "30976",
            "ident": null
          },
          {
            "date": "2012-09-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-004191",
            "ident": null
          },
          {
            "date": "2009-01-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-085",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2008-1197",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-085"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Netgear WN802T Wi-Fi Access point  Marvell Service disruption in drivers  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-004191"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "input validation",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-085"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2008-1144 (GCVE-0-2008-1144)

    Vulnerability from nvd – Published: 2008-09-05 16:00 – Updated: 2024-08-07 08:08
    VLAI
    Summary
    The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/4227 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/495982/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/31770 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/31013 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:08:57.711Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4227",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4227"
              },
              {
                "name": "20080904 Marvell Driver EAPoL-Key Length Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/495982/100/0/threaded"
              },
              {
                "name": "31770",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31770"
              },
              {
                "name": "31013",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/31013"
              },
              {
                "name": "netgear-wn802t-eapolkey-dos(44919)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44919"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted \"advertised length.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4227",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4227"
            },
            {
              "name": "20080904 Marvell Driver EAPoL-Key Length Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/495982/100/0/threaded"
            },
            {
              "name": "31770",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31770"
            },
            {
              "name": "31013",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/31013"
            },
            {
              "name": "netgear-wn802t-eapolkey-dos(44919)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44919"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1144",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted \"advertised length.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4227",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4227"
                },
                {
                  "name": "20080904 Marvell Driver EAPoL-Key Length Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/495982/100/0/threaded"
                },
                {
                  "name": "31770",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/31770"
                },
                {
                  "name": "31013",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/31013"
                },
                {
                  "name": "netgear-wn802t-eapolkey-dos(44919)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44919"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1144",
        "datePublished": "2008-09-05T16:00:00.000Z",
        "dateReserved": "2008-03-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:08:57.711Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1197 (GCVE-0-2008-1197)

    Vulnerability from nvd – Published: 2008-09-05 16:00 – Updated: 2024-08-07 08:08
    VLAI
    Summary
    The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/31770 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/4215 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/495983/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/30976 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:08:57.867Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "31770",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31770"
              },
              {
                "name": "4215",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4215"
              },
              {
                "name": "20080904 Marvell Driver Null SSID Association Request Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/495983/100/0/threaded"
              },
              {
                "name": "30976",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30976"
              },
              {
                "name": "netgear-wn802t-ssid-dos(44918)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44918"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a \"Null SSID.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "31770",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31770"
            },
            {
              "name": "4215",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4215"
            },
            {
              "name": "20080904 Marvell Driver Null SSID Association Request Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/495983/100/0/threaded"
            },
            {
              "name": "30976",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30976"
            },
            {
              "name": "netgear-wn802t-ssid-dos(44918)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44918"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1197",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a \"Null SSID.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "31770",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/31770"
                },
                {
                  "name": "4215",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4215"
                },
                {
                  "name": "20080904 Marvell Driver Null SSID Association Request Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/495983/100/0/threaded"
                },
                {
                  "name": "30976",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/30976"
                },
                {
                  "name": "netgear-wn802t-ssid-dos(44918)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44918"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1197",
        "datePublished": "2008-09-05T16:00:00.000Z",
        "dateReserved": "2008-03-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:08:57.867Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1144 (GCVE-0-2008-1144)

    Vulnerability from cvelistv5 – Published: 2008-09-05 16:00 – Updated: 2024-08-07 08:08
    VLAI
    Summary
    The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/4227 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/495982/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/31770 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/31013 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:08:57.711Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4227",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4227"
              },
              {
                "name": "20080904 Marvell Driver EAPoL-Key Length Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/495982/100/0/threaded"
              },
              {
                "name": "31770",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31770"
              },
              {
                "name": "31013",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/31013"
              },
              {
                "name": "netgear-wn802t-eapolkey-dos(44919)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44919"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted \"advertised length.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4227",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4227"
            },
            {
              "name": "20080904 Marvell Driver EAPoL-Key Length Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/495982/100/0/threaded"
            },
            {
              "name": "31770",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31770"
            },
            {
              "name": "31013",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/31013"
            },
            {
              "name": "netgear-wn802t-eapolkey-dos(44919)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44919"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1144",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted \"advertised length.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4227",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4227"
                },
                {
                  "name": "20080904 Marvell Driver EAPoL-Key Length Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/495982/100/0/threaded"
                },
                {
                  "name": "31770",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/31770"
                },
                {
                  "name": "31013",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/31013"
                },
                {
                  "name": "netgear-wn802t-eapolkey-dos(44919)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44919"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1144",
        "datePublished": "2008-09-05T16:00:00.000Z",
        "dateReserved": "2008-03-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:08:57.711Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1197 (GCVE-0-2008-1197)

    Vulnerability from cvelistv5 – Published: 2008-09-05 16:00 – Updated: 2024-08-07 08:08
    VLAI
    Summary
    The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/31770 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/4215 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/495983/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/30976 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:08:57.867Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "31770",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31770"
              },
              {
                "name": "4215",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4215"
              },
              {
                "name": "20080904 Marvell Driver Null SSID Association Request Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/495983/100/0/threaded"
              },
              {
                "name": "30976",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30976"
              },
              {
                "name": "netgear-wn802t-ssid-dos(44918)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44918"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a \"Null SSID.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "31770",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31770"
            },
            {
              "name": "4215",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4215"
            },
            {
              "name": "20080904 Marvell Driver Null SSID Association Request Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/495983/100/0/threaded"
            },
            {
              "name": "30976",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30976"
            },
            {
              "name": "netgear-wn802t-ssid-dos(44918)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44918"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1197",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a \"Null SSID.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "31770",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/31770"
                },
                {
                  "name": "4215",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4215"
                },
                {
                  "name": "20080904 Marvell Driver Null SSID Association Request Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/495983/100/0/threaded"
                },
                {
                  "name": "30976",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/30976"
                },
                {
                  "name": "netgear-wn802t-ssid-dos(44918)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44918"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1197",
        "datePublished": "2008-09-05T16:00:00.000Z",
        "dateReserved": "2008-03-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:08:57.867Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }