Unrated severityNVD Advisory· Published Oct 28, 2006· Updated Apr 23, 2026
CVE-2006-5601
CVE-2006-5601
Description
Stack-based buffer overflow in the eap_do_notify function in eap.c in xsupplicant before 1.2.6, and possibly other versions, allows remote authenticated users to execute arbitrary code via unspecified vectors.
Affected products
16cpe:2.3:a:xsupplicant:xsupplicant:*:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:xsupplicant:xsupplicant:*:*:*:*:*:*:*:*range: <=1.2.5
- cpe:2.3:a:xsupplicant:xsupplicant:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:0.8b:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:1.0pre1:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:1.0pre2:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:xsupplicant:xsupplicant:1.2pre1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.securityfocus.com/bid/20775nvdPatch
- secunia.com/advisories/22612nvdVendor Advisory
- secunia.com/advisories/22641nvdVendor Advisory
- www.vupen.com/english/advisories/2006/4233nvdVendor Advisory
- open1x.cvs.sourceforge.net/open1x/xsupplicant/src/eap.cnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2007_01_sr.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/29902nvd
News mentions
0No linked articles in our index yet.