Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 266677 Details for
Bug 311797
<net-wireless/aircrack-ng-1.1-r2: Buffer overflow (CVE-2010-1159)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for review
aircrack-ng-1.1-r1-CVE-2010-1159.patch (text/plain), 1014 bytes, created by
Tim Sammut (RETIRED)
on 2011-03-21 05:22:04 UTC
(
hide
)
Description:
Patch for review
Filename:
MIME Type:
Creator:
Tim Sammut (RETIRED)
Created:
2011-03-21 05:22:04 UTC
Size:
1014 bytes
patch
obsolete
>--- src/airodump-ng.c >+++ src/airodump-ng.c >@@ -2126,7 +2126,7 @@ > st_cur->wpa.eapol_size = ( h80211[z + 2] << 8 ) > + h80211[z + 3] + 4; > >- if ((int)pkh.len - z < st_cur->wpa.eapol_size || st_cur->wpa.eapol_size == 0) >+ if (caplen - z < st_cur->wpa.eapol_size || st_cur->wpa.eapol_size == 0 || caplen - z < 81 + 16 || st_cur->wpa.eapol_size > 256) > { > // Ignore the packet trying to crash us. > goto write_packet; >@@ -2158,7 +2158,7 @@ > st_cur->wpa.eapol_size = ( h80211[z + 2] << 8 ) > + h80211[z + 3] + 4; > >- if ((int)pkh.len - z < st_cur->wpa.eapol_size || st_cur->wpa.eapol_size == 0) >+ if (caplen - z < st_cur->wpa.eapol_size || st_cur->wpa.eapol_size == 0 || caplen - z < 81 + 16 || st_cur->wpa.eapol_size > 256) > { > // Ignore the packet trying to crash us. > goto write_packet;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=266677">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 311797
:
225585
|
266675
| 266677
