Aircrack-ng Airodump-ng Authentication Packet Buffer Overflow Vulnerability
BID:23467
Info
Aircrack-ng Airodump-ng Authentication Packet Buffer Overflow Vulnerability
| Bugtraq ID: | 23467 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-2057 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 12 2007 12:00AM |
| Updated: | Apr 30 2007 04:30PM |
| Credit: | Jonathan So is credited with the discovery of this issue. |
| Vulnerable: |
Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Aircrack-ng Airodump-ng 0.6.2 Aircrack-ng Airodump-ng 0.7 |
| Not Vulnerable: | |
Discussion
Aircrack-ng Airodump-ng Authentication Packet Buffer Overflow Vulnerability
Aircrack-ng Airodump-ng is prone to a remote buffer-overflow because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
Only applications running with '-w or --write' parameters are vulnerable to this issue.
An attacker could exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
Airodump-ng 0.7 is vulnerable to this issue; other versions may also be vulnerable.
Aircrack-ng Airodump-ng is prone to a remote buffer-overflow because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
Only applications running with '-w or --write' parameters are vulnerable to this issue.
An attacker could exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
Airodump-ng 0.7 is vulnerable to this issue; other versions may also be vulnerable.
Exploit / POC
Aircrack-ng Airodump-ng Authentication Packet Buffer Overflow Vulnerability
The following exploit code is available:
The following exploit code is available:
Solution / Fix
Aircrack-ng Airodump-ng Authentication Packet Buffer Overflow Vulnerability
Solution:
The vendor addressed this issue in SVN. Please see the references for more information.
Aircrack-ng Airodump-ng 0.6.2
Solution:
The vendor addressed this issue in SVN. Please see the references for more information.
Aircrack-ng Airodump-ng 0.6.2
-
Debian aircrack-ng_0.6.2-7etch1_alpha.deb
Debian GNU/Linux 4.0 alias etch
http://security.debian.org/pool/updates/main/a/aircrack-ng/aircrack-ng _0.6.2-7etch1_alpha.deb -
Debian aircrack-ng_0.6.2-7etch1_amd64.deb
Debian GNU/Linux 4.0 alias etch
http://security.debian.org/pool/updates/main/a/aircrack-ng/aircrack-ng _0.6.2-7etch1_amd64.deb -
Debian aircrack-ng_0.6.2-7etch1_hppa.deb
Debian GNU/Linux 4.0 alias etch
http://security.debian.org/pool/updates/main/a/aircrack-ng/aircrack-ng _0.6.2-7etch1_hppa.deb -
Debian aircrack-ng_0.6.2-7etch1_i386.deb
Debian GNU/Linux 4.0 alias etch
http://security.debian.org/pool/updates/main/a/aircrack-ng/aircrack-ng _0.6.2-7etch1_i386.deb -
Debian aircrack-ng_0.6.2-7etch1_ia64.deb
Debian GNU/Linux 4.0 alias etch
http://security.debian.org/pool/updates/main/a/aircrack-ng/aircrack-ng _0.6.2-7etch1_ia64.deb -
Debian aircrack-ng_0.6.2-7etch1_powerpc.deb
Debian GNU/Linux 4.0 alias etch
http://security.debian.org/pool/updates/main/a/aircrack-ng/aircrack-ng _0.6.2-7etch1_powerpc.deb -
Debian aircrack-ng_0.6.2-7etch1_s390.deb
Debian GNU/Linux 4.0 alias etch
http://security.debian.org/pool/updates/main/a/aircrack-ng/aircrack-ng _0.6.2-7etch1_s390.deb -
Debian aircrack_0.6.2-7etch1_all.deb
Debian GNU/Linux 4.0 alias etch
http://security.debian.org/pool/updates/main/a/aircrack-ng/aircrack_0. 6.2-7etch1_all.deb
References
Aircrack-ng Airodump-ng Authentication Packet Buffer Overflow Vulnerability
References:
References:
- Remote buffer overflow vulnerability in airodump-ng (Aircrack-ng)
- Aircrack-ng Homepage (Aircrack-ng)
- Vulnerability Note VU#349828 Airodump-ng buffer overflow vulnerability (US-CERT)