KisMAC Cisco Vendor Tag Remote Buffer Overflow Vulnerability
BID:17198
Info
| Bugtraq ID: | 17198 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 23 2006 12:00AM |
| Updated: | Mar 23 2006 05:44PM |
| Credit: | Discovered by Stefan Esser. |
| Vulnerable: | KisMAC KisMAC 0.5 d4; KisMAC KisMAC 0.5 d; KisMAC KisMAC 0.2 a; KisMAC KisMAC 0.1 c; KisMAC KisMAC 0.1 b; KisMAC KisMAC 0.1 a; KisMAC KisMAC 0.12a; KisMAC KisMAC 0.11a; KisMAC KisMAC 0.10a |
| Not Vulnerable: | KisMAC KisMAC 73p |
Discussion
KisMAC is prone to a remote buffer-overflow vulnerability.
A successful attack can allow a remote attacker to execute arbitrary code in one of two ways: by sending a specially crafted 'pcap' file to a vulnerable user, who then processes it with the application, or by supplying specially crafted management frames to a computer that is performing a passive scan on the network. This can lead to a remote compromise in the context of the application.
KisMAC versions prior to 73p are vulnerable to this issue.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Solution:
The vendor has released version 73p to address this issue.
KisMAC KisMAC 0.12a
KisMAC KisMAC 0.11a
KisMAC KisMAC 0.10a
KisMAC KisMAC 0.1 c
KisMAC KisMAC 0.1 b
KisMAC KisMAC 0.1 a
KisMAC KisMAC 0.2 a
KisMAC KisMAC 0.5 d
KisMAC KisMAC 0.5 d4
References
References:
- KisMAC Homepage (KisMAC)
- Advisory 03/2006: KisMAC Cisco Vendor Tag Encapsulated SSID Overflow (Stefan Esser)