oss-sec mailing list archives

CVE request: aircrack-ng

From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Mon, 14 Feb 2011 18:54:57 -0500

Hello,

I can't seem to locate a CVE for this issue:

"Remote buffer overflow in aircrack-ng causes DOS and possible code
execution"
http://seclists.org/bugtraq/2010/Mar/236
http://pyrit.wordpress.com/2010/03/28/remote-exploit-against-aircrack-ng/

version 1.1 was released with the following fix:
http://trac.aircrack-ng.org/changeset/1676

This bug was then opened stating the fix was incomplete:
http://trac.aircrack-ng.org/ticket/728
https://bugzilla.redhat.com/show_bug.cgi?id=577654

And then the following commits were done post-1.1:
http://trac.aircrack-ng.org/changeset/1683
http://trac.aircrack-ng.org/changeset/1687
http://trac.aircrack-ng.org/changeset/1699
http://trac.aircrack-ng.org/changeset/1701
http://trac.aircrack-ng.org/changeset/1702

Thanks,

Marc.

Current thread:

CVE request: aircrack-ng Marc Deslauriers (Feb 14)
- Re: CVE request: aircrack-ng Nico Golde (Feb 15)