Bug 174340 - net-wireless/aircrack-ng remote buffer overflow vulnerability (CVE-2007-2057)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High major
Assignee: Gentoo Security
URL: http://www.nop-art.net/advisories/air...
Whiteboard: C1? [glsa] jaervosz
Reported: 2007-04-12 20:40 UTC by Timothy Redaelli (RETIRED)
Modified: 2007-04-22 21:19 UTC
Description Timothy Redaelli (RETIRED) gentoo-dev 2007-04-12 20:40:42 UTC
I. DESCRIPTION

A buffer overflow vulnerability has been found in airodump-ng, part of
the aircrack-ng package.  The vulnerability could allow an attacker to
transmit specially crafted 802.11 packets to execute arbitrary code on
a remote machine running the airodump-ng tool.

Patch available here: http://trac.aircrack-ng.org/changeset/288
Comment 1 Vic Fryzel (shellsage) (RETIRED) gentoo-dev 2007-04-13 10:50:14 UTC
Any news on an upstream fixed release?
Comment 2 Ali Polatel (RETIRED) gentoo-dev 2007-04-13 14:40:11 UTC
 This has been fixed in the latest development sources:
 http://trac.aircrack-ng.org/changeset/288
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-04-13 16:18:57 UTC
netmon/crypto please advise.
Comment 4 Alon Bar-Lev (RETIRED) gentoo-dev 2007-04-13 16:45:25 UTC
I downgraded the diff in aircrack-ng-0.7-r2, I hope this version has no other issues, since it is somewhat different.
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-04-13 19:29:53 UTC
x86 please test and mark aircrack-ng-0.7-r2 stable.

Btw thx for the note Ali.
Comment 6 Raúl Porcel (RETIRED) gentoo-dev 2007-04-13 21:22:40 UTC
x86 stable
Comment 7 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-04-18 05:15:02 UTC
Bah, that was only a partial commit.

Fixing rating as C1 (you have to enable --write and it's remote active)
Comment 8 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-04-22 21:19:31 UTC
GLSA 200704-16, thanks to everybody