BID:39045

Aircrack-ng EAPOL Packet Processing Buffer Overflow Vulnerability

Info

Aircrack-ng EAPOL Packet Processing Buffer Overflow Vulnerability

Bugtraq ID:	39045
Class:	Boundary Condition Error
CVE:	CVE-2010-1159
Remote:	Yes
Local:	No
Published:	Mar 27 2010 12:00AM
Updated:	Oct 21 2013 01:07AM
Credit:	Lukas Lueg
Vulnerable:	Gentoo Linux Aircrack-ng Aircrack-ng 1.0

Not Vulnerable:

Discussion

Aircrack-ng EAPOL Packet Processing Buffer Overflow Vulnerability

Aircrack-ng is prone to a buffer-overflow vulnerability.

Attackers can leverage this issue to execute arbitrary code within the context of the vulnerable application. Failed attacks will likely cause denial-of-service conditions.

Exploit / POC

Aircrack-ng EAPOL Packet Processing Buffer Overflow Vulnerability

The following proofs of concept are available:

/data/vulnerabilities/exploits/39045.py
/data/vulnerabilities/exploits/39045-2.py

Solution / Fix

Aircrack-ng EAPOL Packet Processing Buffer Overflow Vulnerability

Solution:
Updates are available via the project source code repository; please see the references for more information.

References

Aircrack-ng EAPOL Packet Processing Buffer Overflow Vulnerability

References:

Aircrack-ng Home Page (Aircrack-ng)
Aircrack-ng still vulnerable / honeypot (ebfe)
Changeset 1676 (misterx)
Changeset 1683 (misterx)
Monthly news (April 2010) (Mister_X)
Remote-exploit against Aircrack-ng (ebfe)