Hi, * Nico Golde <[EMAIL PROTECTED]> [2007-10-16 17:59]: > Hi Kel, > * Kel Modderman <[EMAIL PROTECTED]> [2007-10-16 17:14]: > > tags 446824 pending > > thanks > > > > On Tue, 16 Oct 2007 08:37:31 am Nico Golde wrote: > > > | Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial > > > | of service (panic) via a beacon frame with a large length value in the > > > | extended supported rates (xrates) element, which triggers an assertion > > > | error, related to net80211/ieee80211_scan_ap.c and > > > | net80211/ieee80211_scan_sta.c. > > > > net80211/ieee80211_scan_ap.c in not vulnerable in any stable release from > > madwifi.org[0], the CVE is slightly misleading in regards to that detail. > > Well I never said it is :) But thanks for the information, I > checked this and added it as not-affected to the security > tracker.
Correction, I misunderstood you, thanks Moritz for pointing me to this. At least the code in ieee80211_scan_sta.c is vulnerable in the Debian versions if I don't miss anything. Kind regards Nico -- Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgp9Dq2wwuYWo.pgp
Description: PGP signature
