CVE-2009-3836

ArubaOS 3.3.1.x, 3.3.2.x, RN 3.1.x, 3.4.x, and 3.3.2.x-FIPS on the Aruba Mobility Controller allows remote attackers to cause a denial of service (Access Point crash) via a malformed 802.11 Association Request management frame.

Published: Nov 2, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-3836
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.1
AV:A/AC:L/Au:N/C:N/I:N/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
arubanetworks / arubaos	3.1.1-rn	3.1.1-rn.x
arubanetworks / arubaos	3.3.1.16	3.3.1.16.x
arubanetworks / arubaos	3.3.1.29	3.3.1.29.x
arubanetworks / arubaos	3.3.1.30	3.3.1.30.x
arubanetworks / arubaos	3.3.2.6	3.3.2.6.x
arubanetworks / arubaos	3.3.2.14-fips	3.3.2.14-fips.x
arubanetworks / arubaos	3.4.0	3.4.0.x
arubanetworks / aruba_mobility_controller	-	-

http://secunia.com/advisories/37085
http://www.arubanetworks.com/support/alerts/aid-102609.asc
http://www.securityfocus.com/bid/36832
http://www.vupen.com/english/advisories/2009/3051

Vulnerability Database

289,697

CVE-2009-3836