On Wed, 17 Oct 2007 03:01:24 am Nico Golde wrote: > Hi, > > * Nico Golde <[EMAIL PROTECTED]> [2007-10-16 17:59]: > > Hi Kel, > > > > * Kel Modderman <[EMAIL PROTECTED]> [2007-10-16 17:14]: > > > tags 446824 pending > > > thanks > > > > > > On Tue, 16 Oct 2007 08:37:31 am Nico Golde wrote: > > > > | Madwifi 0.9.3.2 and earlier allows remote attackers to cause a > > > > | denial of service (panic) via a beacon frame with a large length > > > > | value in the extended supported rates (xrates) element, which > > > > | triggers an assertion error, related to > > > > | net80211/ieee80211_scan_ap.c and > > > > | net80211/ieee80211_scan_sta.c. > > > > > > net80211/ieee80211_scan_ap.c in not vulnerable in any stable release > > > from madwifi.org[0], the CVE is slightly misleading in regards to that > > > detail. > > > > Well I never said it is :) But thanks for the information, I > > checked this and added it as not-affected to the security > > tracker. > > Correction, I misunderstood you, thanks Moritz for pointing > me to this. At least the code in ieee80211_scan_sta.c is > vulnerable in the Debian versions if I don't miss anything. > Kind regards > Nico
Yes, thats correct. ieee80211_scan_sta.c is vulnerable in all upstream and debian versions. Kel. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
