You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Author: Jonathan So < jonny [ @ ] nop-art [ dot ] net>
I. DESCRIPTION
A stack overflow vulnerability has been found in airodump-ng, part of the
aircrack-ng package. The vulnerability could allow an attacker to
transmit specially crafted 802.11 packets to execute arbitrary code on a
remote machine running the aerodump-ng tool.
II. DETAILS
Aerodump-ng fails to check the size of 802.11 authentication packets
before copying into an insufficiently sized global buffer. As a result
it is possible to overwrite another global variable passed as the size
parameter to a subsequent memcpy() operation, in order to overflow a
stack buffer.
This vulnerability has been successfully exploited against on an x86
Linux 2.6.20 machine running airodump-ng 0.7. Other versions and
platforms are also likely to be affected.
The text was updated successfully, but these errors were encountered:
Reported by jonny on 12 Apr 2007 14:52 UTC
Author: Jonathan So < jonny [ @ ] nop-art [ dot ] net>
I. DESCRIPTION
A stack overflow vulnerability has been found in airodump-ng, part of the
aircrack-ng package. The vulnerability could allow an attacker to
transmit specially crafted 802.11 packets to execute arbitrary code on a
remote machine running the aerodump-ng tool.
II. DETAILS
Aerodump-ng fails to check the size of 802.11 authentication packets
before copying into an insufficiently sized global buffer. As a result
it is possible to overwrite another global variable passed as the size
parameter to a subsequent memcpy() operation, in order to overflow a
stack buffer.
This vulnerability has been successfully exploited against on an x86
Linux 2.6.20 machine running airodump-ng 0.7. Other versions and
platforms are also likely to be affected.
The text was updated successfully, but these errors were encountered: