|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Wed Apr 04 2007 - 21:47:05 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
----------------------------------------------------------------------
Secunia customers receive relevant and filtered advisories.
Delivery is done via different channels including SMS, Email, Web,
and https based XML feed.
http://corporate.secunia.com/trial/38/request/
----------------------------------------------------------------------
TITLE:
MadWifi Denial of Service and Information Disclosure Vulnerabilities
SECUNIA ADVISORY ID:
SA24670
VERIFY ADVISORY:
http://secunia.com/advisories/24670/
CRITICAL:
Moderately critical
IMPACT:
Exposure of sensitive information, DoS
WHERE:
From remote
SOFTWARE:
MadWifi 0.x
http://secunia.com/product/12842/
DESCRIPTION:
Some vulnerabilities have been reported in MadWifi, which can be
exploited by malicious people to gain knowledge of potentially
sensitive information or cause a DoS (Denial of Service).
1) An error within the "ieee80211_input()" function when handling
AUTH frames from IBSS nodes can be exploited to cause a kernel crash
by sending specially crafted AUTH frames.
Successful exploitation may require that the "Ad-Hoc" mode is used.
2) MadWifi does not correctly handle Channel Switch Announcements.
This can be exploited to force a channel switch thus interrupting the
communication by injecting a Channel Switch Announcement with "CS
Count" set to 1 or less.
3) An error within ieee80211_output.c may cause unencrypted packets
to be sent before the WPA authentication is completed. This can be
exploited to gain knowledge of certain sensitive information, which
may be leveraged for further attacks.
The vulnerabilities are reported in versions prior to 0.9.3.
SOLUTION:
Update to version 0.9.3.
PROVIDED AND/OR DISCOVERED BY:
1) kurth
2, 3) Reported by the vendor.
ORIGINAL ADVISORY:
http://madwifi.org/ticket/880
http://madwifi.org/ticket/963
http://madwifi.org/ticket/967
http://madwifi.org/wiki/Releases/0.9.3
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]