Package: aircrack-ng Tags: security An exploit for a security vulnerability in aircrack-ng has been published:
| The tools' code responsible for parsing IEEE802.11-packets assumes the | self-proclaimed length of a EAPOL-packet to be correct and never to exceed | a (arbitrary) maximum size of 256 bytes for packets that are part of the | EAPOL-authentication. [...] <http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py> The fix seems to be fixed in r1676 and r1683: <http://trac.aircrack-ng.org/changeset/1676> <http://trac.aircrack-ng.org/changeset/1683> This doesn't seem to warrant a DSA, please ask the stable release team to upload a fixed version for stable. Thanks. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

