MadWIFI Channel Switch Announcement Information Elements Denial of Service Vulnerability
BID:23436
Info
MadWIFI Channel Switch Announcement Information Elements Denial of Service Vulnerability
| Bugtraq ID: | 23436 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2006-7179 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 11 2007 12:00AM |
| Updated: | Jul 24 2007 04:56AM |
| Credit: | xmxwx is credited with reporting this issue. |
| Vulnerable: |
Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 SuSE Linux Desktop 10 Pardus Linux 2007.1 MADWifi MADWifi 0.9.2 MADWifi MADWifi 0.9.2.1 Gentoo net-wireless/madwifi-ng 0.9.2.1 Foresight Linux Foresight Linux 1.1 |
| Not Vulnerable: |
MADWifi MADWifi 0.9.3 Gentoo net-wireless/madwifi-ng 0.9.3 |
Discussion
MadWIFI Channel Switch Announcement Information Elements Denial of Service Vulnerability
MadWifi is prone to a denial-of-service vulnerability because if fails to properly handle certain network packets.
An attacker may exploit this issue by submitting a maliciously crafted packet to the vulnerable computer.
Attackers can exploit this issue to switch a communication channel, causing loss of communication and thus denying service to legitimate users.
Versions prior to MadWifi 0.9.3 are vulnerable.
MadWifi is prone to a denial-of-service vulnerability because if fails to properly handle certain network packets.
An attacker may exploit this issue by submitting a maliciously crafted packet to the vulnerable computer.
Attackers can exploit this issue to switch a communication channel, causing loss of communication and thus denying service to legitimate users.
Versions prior to MadWifi 0.9.3 are vulnerable.
Exploit / POC
MadWIFI Channel Switch Announcement Information Elements Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
MadWIFI Channel Switch Announcement Information Elements Denial of Service Vulnerability
Solution:
The vendor released fixes to address this issue. Please see the references for more information.
MADWifi MADWifi 0.9.2.1
MADWifi MADWifi 0.9.2
Solution:
The vendor released fixes to address this issue. Please see the references for more information.
MADWifi MADWifi 0.9.2.1
-
MADWifi madwifi-0.9.3.tar.gz
http://downloads.sourceforge.net/madwifi/madwifi-0.9.3.tar.gz?modtime= 1174314363&big_mirror=0
MADWifi MADWifi 0.9.2
-
MADWifi madwifi-0.9.3.tar.gz
http://downloads.sourceforge.net/madwifi/madwifi-0.9.3.tar.gz?modtime= 1174314363&big_mirror=0
References
MadWIFI Channel Switch Announcement Information Elements Denial of Service Vulnerability
References:
References: