Author: stef-guest Date: 2007-05-17 09:11:12 +0000 (Thu, 17 May 2007) New Revision: 5857
Added: data/DTSA/advs/33-aircrack-ng.adv Modified: data/DTSA/list Log: aircrack-ng adv Added: data/DTSA/advs/33-aircrack-ng.adv =================================================================== --- data/DTSA/advs/33-aircrack-ng.adv (rev 0) +++ data/DTSA/advs/33-aircrack-ng.adv 2007-05-17 09:11:12 UTC (rev 5857) @@ -0,0 +1,15 @@ +source: aircrack-ng +date: May 16th, 2007 +author: Stefan Fritsch +vuln-type: programming error +problem-scope: remote +debian-specifc: no +cve: CVE-2007-2057 +vendor-advisory: http://www.nop-art.net/advisories/airodump-ng.txt +testing-fix: 1:0.8-0.1lenny1 +sid-fix: 1:0.7-3 +upgrade: apt-get install aircrack-ng + +It was discovered that aircrack-ng, a WEP/WPA security analysis tool, performs +insufficient validation of 802.11 authentication packets, which allows the +execution of arbitrary code. Modified: data/DTSA/list =================================================================== --- data/DTSA/list 2007-05-17 08:55:36 UTC (rev 5856) +++ data/DTSA/list 2007-05-17 09:11:12 UTC (rev 5857) @@ -92,3 +92,7 @@ [March 3rd, 2007] DTSA-34-1 wordpress - cross-site scripting {CVE-2007-1049 } [etch] - wordpress 2.0.9-1 +[May 16th, 2007] DTSA-33-1 aircrack-ng - programming error + {CVE-2007-2057 } + - aircrack-ng 1:0.8-0.1lenny1 + TODO: unreleased _______________________________________________ Secure-testing-commits mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
