[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: aircrack-ng EAPOL buffer overflow
From: Josh Bressers <bressers () redhat ! com>
Date: 2010-04-14 19:19:01
Message-ID: 270719302.842871271272741182.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]
Please use CVE-2010-1159 for this.
Thanks.
--
JB
----- "Florian Weimer" <fw@deneb.enyo.de> wrote:
> An exploit for a security vulnerability in aircrack-ng has been
> published:
>
> | The tools' code responsible for parsing IEEE802.11-packets assumes
> the
> | self-proclaimed length of a EAPOL-packet to be correct and never to
> exceed
> | a (arbitrary) maximum size of 256 bytes for packets that are part of
> the
> | EAPOL-authentication. [...]
>
> <http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py>
>
> The fix seems to be fixed in r1676 and r1683:
>
> <http://trac.aircrack-ng.org/changeset/1676>
> <http://trac.aircrack-ng.org/changeset/1683>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic