Netbsd
CVE-2020-26139
MEDIUM
Severity by source
AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
AnalysisAI
An issue was discovered in the kernel in NetBSD 7.1. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients. Affected products include: Netbsd, Debian Debian Linux, Arista C-100 Firmware, Arista C-110 Firmware, Arista C-120 Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 thro
Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attacke
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitra
CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execut
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. Rated high severity (
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm. Rated high severity (CVSS
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures. Rated high seve
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. Rated high severity
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today