GLSA-200612-09 : MadWifi: Kernel driver buffer overflow

High Nessus Plugin ID 23861

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-200612-09 (MadWifi: Kernel driver buffer overflow)

Laurent Butti, Jerome Raznieski and Julien Tinnes reported a buffer overflow in the encode_ie() and the giwscan_cb() functions from ieee80211_wireless.c.
Impact :

A remote attacker could send specially crafted wireless WPA packets containing malicious RSN Information Headers (IE) that could potentially lead to the remote execution of arbitrary code as the root user.
Workaround :

There is no known workaround at this time.

Solution

All MadWifi users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-wireless/madwifi-ng-0.9.2.1'

See Also

https://security.gentoo.org/glsa/200612-09

Plugin Details

Severity: High

ID: 23861

File Name: gentoo_GLSA-200612-09.nasl

Version: $Revision: 1.13 $

Type: local

Published: 2006/12/14

Modified: 2015/04/13

Dependencies: 12634

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:madwifi-ng, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2006/12/10

Reference Information

CVE: CVE-2006-6332

BID: 21486

GLSA: 200612-09