Full Disclosure mailing list archives

FLEA-2007-0012-1: madwifi

From: Foresight Linux Essential Announcement Service <foresight-security-noreply () foresightlinux org>
Date: Sun, 22 Apr 2007 22:36:05 -0400

Foresight Linux Essential Advisory: 2007-0012-1
Published: 2007-04-22

Rating: Moderate

Updated Versions:
 
madwifi=/drivers.rpath.org@rpl:devel//fl:desktop//foresight.rpath.org@fl:1-devel//1/0.9.3-0.0.0.1-1
     group-dist=/foresight.rpath.org@fl:1-devel//1/1.2.1-0.2-1

References:
     https://issues.foresightlinux.org/browse/FL-263
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7177
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7178
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7179
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7180

Description:
     Previous versions of the madwifi package were vulnerable to a number of 
Denial-of-Service issues, at least two of which can be exploited to cause a 
system crash (kernel oops). In addition, previous versions could be made to send 
unencrypted information before authentication finishes when using WPA, an 
information leak.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

FLEA-2007-0012-1: madwifi Foresight Linux Essential Announcement Service (Apr 22)