|Summary:||net-wireless/aircrack-ng remote buffer overflow vulnerability (CVE-2007-2057)|
|Product:||Gentoo Security||Reporter:||Timothy Redaelli (RETIRED) <drizzt>|
|Component:||Vulnerabilities||Assignee:||Gentoo Security <security>|
|Severity:||major||CC:||crypto+disabled, hawking, netmon|
|Whiteboard:||C1? [glsa] jaervosz|
|Package list:||Runtime testing required:||---|
Description Timothy Redaelli (RETIRED) 2007-04-12 20:40:42 UTC
I. DESCRIPTION A buffer overflow vulnerability has been found in airodump-ng, part of the aircrack-ng package. The vulnerability could allow an attacker to transmit specially crafted 802.11 packets to execute arbitrary code on a remote machine running the airodump-ng tool. Patch available here: http://trac.aircrack-ng.org/changeset/288
Comment 1 Vic Fryzel (shellsage) (RETIRED) 2007-04-13 10:50:14 UTC
Any news on an upstream fixed release?
Comment 2 Ali Polatel (RETIRED) 2007-04-13 14:40:11 UTC
This has been fixed in the latest development sources: http://trac.aircrack-ng.org/changeset/288
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) 2007-04-13 16:18:57 UTC
netmon/crypto please advise.
Comment 4 Alon Bar-Lev (RETIRED) 2007-04-13 16:45:25 UTC
I downgraded the diff in aircrack-ng-0.7-r2, I hope this version has no other issues, since it somewhat different.
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) 2007-04-13 19:29:53 UTC
x86 please test and mark aircrack-ng-0.7-r2 stable. Btw thx for the note Ali.
Comment 6 Raúl Porcel (RETIRED) 2007-04-13 21:22:40 UTC
Comment 7 Sune Kloppenborg Jeppesen (RETIRED) 2007-04-18 05:15:02 UTC
Bah, that was only a partial commit. Fixing rating as C1 (you have to enable --write and it's remote active)
Comment 8 Raphael Marichez (Falco) (RETIRED) 2007-04-22 21:19:31 UTC
GLSA 200704-16, thanks to everybody