I. DESCRIPTION A buffer overflow vulnerability has been found in airodump-ng, part of the aircrack-ng package. The vulnerability could allow an attacker to transmit specially crafted 802.11 packets to execute arbitrary code on a remote machine running the airodump-ng tool. Patch available here: http://trac.aircrack-ng.org/changeset/288
Any news on an upstream fixed release?
This has been fixed in the latest development sources: http://trac.aircrack-ng.org/changeset/288
netmon/crypto please advise.
I downgraded the diff in aircrack-ng-0.7-r2, I hope this version has no other issues, since it somewhat different.
x86 please test and mark aircrack-ng-0.7-r2 stable. Btw thx for the note Ali.
x86 stable
Bah, that was only a partial commit. Fixing rating as C1 (you have to enable --write and it's remote active)
GLSA 200704-16, thanks to everybody