GLSA-200612-09 : MadWifi: Kernel driver buffer overflow

This script is Copyright (C) 2006-2014 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-200612-09
(MadWifi: Kernel driver buffer overflow)

Laurent Butti, Jerome Raznieski and Julien Tinnes reported a buffer
overflow in the encode_ie() and the giwscan_cb() functions from
ieee80211_wireless.c.

Impact :

A remote attacker could send specially crafted wireless WPA packets
containing malicious RSN Information Headers (IE) that could
potentially lead to the remote execution of arbitrary code as the root
user.

Workaround :

There is no known workaround at this time.

See also :

http://www.gentoo.org/security/en/glsa/glsa-200612-09.xml

Solution :

All MadWifi users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-wireless/madwifi-ng-0.9.2.1'

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
Public Exploit Available : true

Family: Gentoo Local Security Checks

Nessus Plugin ID: 23861 (gentoo_GLSA-200612-09.nasl)

Bugtraq ID:

CVE ID: CVE-2006-6332