Vulnerability: KisMAC Cisco Vendor Tag Encapsulated SSID Overflow
CVE: CVE-2006-1385
Risk: High
CVSS Base Score: 5.1/10
Impact Subscore: 6.4/10
Exploitability Subscore: 4.9/10
Remote: Yes
Local: No
Exploit range: Remote
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Severity: Specially crafted 802.11 management frames may cause a stack overflow that eventually leads to remote code execution.

Vendor Status: The vendor has released an updated version.

References: http://www.hardened-php.net/advisory_032006.115.html

Disclosure Timeline:
- 22. March 2006 - Contacted KisMAC developers by email
- 22. March 2006 - Vendor releases KisMAC update
- 23. March 2006 - Public Disclosure

Recommendation: It is strongly recommended to upgrade to the newest version of KisMAC, which you can download at: http://trac.kismac.de