|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200612-09] MadWifi: Kernel driver buffer overflow Vulnerability Scan
Vulnerability Scan Summary MadWifi: Kernel driver buffer overflow
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200612-09
(MadWifi: Kernel driver buffer overflow)
Laurent Butti, Jerome Raznieski and Julien Tinnes reported a buffer
overflow in the encode_ie() and the giwscan_cb() functions from
ieee80211_wireless.c.
Impact
A remote attacker could send specially crafted wireless WPA packets
containing malicious RSN Information Headers (IE) that could
potentially lead to the remote execution of arbitrary code as the root
user.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6332
Solution:
All MadWifi users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-wireless/madwifi-ng-0.9.2.1"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|