Details of VAR-200911-0002

ID

VAR-200911-0002

CVE

CVE-2009-0052

TITLE

Atheros AR9160-BC1A On chipset Netgear WNDAP330 Wi-Fi Used by access points Atheros Service disruption in wireless drivers (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2009-003170

DESCRIPTION

The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame. NETGEAR WNDAP330 is prone to a denial-of-service vulnerability because it fails to properly parse malformed reserved management frames. Successful exploits will cause the affected device to crash or reboot, denying service to legitimate users. WNDAP330 with firmware 2.1.11 is vulnerable. Assigned CVE: ------------- * CVE-2009-0052 Details: -------- * The bug can be triggered by a malicious reserved management frame sent to the wireless access point (truncated packet). This can be achieved only after a successful 802.11 authentication (in "Open" mode according to the configuration of the wireless access point) and a successful 802.11 association with appropriate security parameters (e.g. WPA w/ TKIP unicast, TKIP multicast) which depends on the configuration of the wireless access point. Any other wireless device relying on this vulnerable wireless driver is likely to be vulnerable. Credits: -------- * This vulnerability was discovered by Laurent Butti from France Telecom / Orange . ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Netgear WNDAP330 Management Frame Denial of Service SECUNIA ADVISORY ID: SA37344 VERIFY ADVISORY: http://secunia.com/advisories/37344/ DESCRIPTION: A vulnerability has been reported in Netgear WNDAP330, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error in the parsing of management frames, which can be exploited to reboot or hang an affected device. The vulnerability is reported in firmware version 2.1.11. Other versions may also be affected. SOLUTION: Update to version 3.0.3. http://kb.netgear.com/app/answers/detail/a_id/12199 PROVIDED AND/OR DISCOVERED BY: Laurent Butti from France Telecom / Orange ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/current/0070.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.25

sources: NVD: CVE-2009-0052 // JVNDB: JVNDB-2009-003170 // BID: 36991 // VULHUB: VHN-37498 // VULMON: CVE-2009-0052 // PACKETSTORM: 82665 // PACKETSTORM: 82583

AFFECTED PRODUCTS

vendor:	netgear	model:	wndap330	scope:	eq	version:	2.1.11	Trust: 2.0
vendor:	atheros	model:	ar9160-bc1a chipset	scope:	eq	version:	*	Trust: 1.1
vendor:	atheros	model:	ar9160-bc1a chipset	scope:	-	version:	-	Trust: 0.8
vendor:	net gear	model:	wndap330	scope:	-	version:	-	Trust: 0.8
vendor:	net gear	model:	wndap330	scope:	eq	version:	2.1.11 and 3.0.3 other	Trust: 0.8
vendor:	netgear	model:	wndap330	scope:	ne	version:	3.0.3	Trust: 0.3

sources: VULMON: CVE-2009-0052 // BID: 36991 // JVNDB: JVNDB-2009-003170 // CNNVD: CNNVD-200911-144 // NVD: CVE-2009-0052

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-0052
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2009-0052
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200911-144
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-37498
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2009-0052
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2009-0052
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:A/AC:L/AU:S/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.1
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-37498
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:A/AC:L/AU:S/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.1
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-37498 // VULMON: CVE-2009-0052 // JVNDB: JVNDB-2009-003170 // CNNVD: CNNVD-200911-144 // NVD: CVE-2009-0052

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2009-0052

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-200911-144

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200911-144

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-003170

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-37498

PATCH

title:	Top Page	url:	http://www.atheros.com/	Trust: 0.8
title:	Top Page	url:	http://www.netgear.com/	Trust: 0.8
title:	wifuzzit	url:	https://github.com/0xd012/wifuzzit	Trust: 0.1
title:	wifuzzit	url:	https://github.com/flowerhack/wifuzzit	Trust: 0.1
title:	wifuzzit	url:	https://github.com/84KaliPleXon3/wifuzzit	Trust: 0.1
title:	wifuzzit	url:	https://github.com/PleXone2019/wifuzzit	Trust: 0.1
title:	wifuzzit	url:	https://github.com/wi-fi-analyzer/wifuzzit	Trust: 0.1

sources: VULMON: CVE-2009-0052 // JVNDB: JVNDB-2009-003170

EXTERNAL IDS

db:	NVD	id:	CVE-2009-0052	Trust: 3.0
db:	BID	id:	36991	Trust: 2.1
db:	SECUNIA	id:	37344	Trust: 1.9
db:	OSVDB	id:	59880	Trust: 1.8
db:	VUPEN	id:	ADV-2009-3212	Trust: 1.7
db:	JVNDB	id:	JVNDB-2009-003170	Trust: 0.8
db:	CNNVD	id:	CNNVD-200911-144	Trust: 0.7
db:	BUGTRAQ	id:	20091110 ATHEROS DRIVER RESERVED FRAME VULNERABILITY	Trust: 0.6
db:	XF	id:	54216	Trust: 0.6
db:	XF	id:	330	Trust: 0.6
db:	PACKETSTORM	id:	82665	Trust: 0.2
db:	VULHUB	id:	VHN-37498	Trust: 0.1
db:	VUPEN	id:	2009/3212	Trust: 0.1
db:	VULMON	id:	CVE-2009-0052	Trust: 0.1
db:	PACKETSTORM	id:	82583	Trust: 0.1

sources: VULHUB: VHN-37498 // VULMON: CVE-2009-0052 // BID: 36991 // JVNDB: JVNDB-2009-003170 // PACKETSTORM: 82665 // PACKETSTORM: 82583 // CNNVD: CNNVD-200911-144 // NVD: CVE-2009-0052

REFERENCES

url:	http://www.securityfocus.com/bid/36991	Trust: 1.9
url:	http://www.osvdb.org/59880	Trust: 1.8
url:	http://secunia.com/advisories/37344	Trust: 1.8
url:	http://www.vupen.com/english/advisories/2009/3212	Trust: 1.8
url:	http://www.securityfocus.com/archive/1/507777/100/0/threaded	Trust: 1.2
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/54216	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0052	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0052	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/54216	Trust: 0.6
url:	http://www.securityfocus.com/archive/1/archive/1/507777/100/0/threaded	Trust: 0.6
url:	http://archives.neohapsis.com/archives/bugtraq/current/0070.html	Trust: 0.4
url:	http://kb.netgear.com/app/answers/detail/a_id/12199	Trust: 0.4
url:	http://www.netgear.com	Trust: 0.3
url:	/archive/1/507777	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/0xd012/wifuzzit	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0052	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/business_solutions/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/37344/	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

CREDITS

Laurent Butti

Trust: 1.0

sources: BID: 36991 // PACKETSTORM: 82665 // CNNVD: CNNVD-200911-144

SOURCES

db:	VULHUB	id:	VHN-37498
db:	VULMON	id:	CVE-2009-0052
db:	BID	id:	36991
db:	JVNDB	id:	JVNDB-2009-003170
db:	PACKETSTORM	id:	82665
db:	PACKETSTORM	id:	82583
db:	CNNVD	id:	CNNVD-200911-144
db:	NVD	id:	CVE-2009-0052

LAST UPDATE DATE

2025-04-10T23:01:25.326000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-37498	date:	2018-10-11T00:00:00
db:	VULMON	id:	CVE-2009-0052	date:	2018-10-11T00:00:00
db:	BID	id:	36991	date:	2010-07-21T19:16:00
db:	JVNDB	id:	JVNDB-2009-003170	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200911-144	date:	2009-11-13T00:00:00
db:	NVD	id:	CVE-2009-0052	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-37498	date:	2009-11-12T00:00:00
db:	VULMON	id:	CVE-2009-0052	date:	2009-11-12T00:00:00
db:	BID	id:	36991	date:	2009-11-11T00:00:00
db:	JVNDB	id:	JVNDB-2009-003170	date:	2012-06-26T00:00:00
db:	PACKETSTORM	id:	82665	date:	2009-11-17T01:44:34
db:	PACKETSTORM	id:	82583	date:	2009-11-16T09:28:42
db:	CNNVD	id:	CNNVD-200911-144	date:	2009-11-12T00:00:00
db:	NVD	id:	CVE-2009-0052	date:	2009-11-12T23:30:00.577