drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in aircrack-ng
Name: |
Pufferüberlauf in aircrack-ng |
|
ID: |
DTSA-35-1 |
|
Distribution: |
Debian Testing |
|
Plattformen: |
Debian testing |
|
Datum: |
Di, 22. Mai 2007, 20:23 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2057 |
|
Applikationen: |
Aircrack-ng |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- -------------------------------------------------------------------------- Debian Testing Security Advisory DTSA-35-1 May 16th, 2007 secure-testing-team@lists.alioth.debian.org Stefan Fritsch http://secure-testing-master.debian.net/ - --------------------------------------------------------------------------
Package : aircrack-ng Vulnerability : programming error Problem-Scope : remote Debian-specific: No CVE ID : CVE-2007-2057
It was discovered that aircrack-ng, a WEP/WPA security analysis tool, performs insufficient validation of 802.11 authentication packets, which allows the execution of arbitrary code.
For the testing distribution (etch) this is fixed in version 1:0.8-0.1lenny1
Packages for the alpha, mipsel, and powerpc architectures are still missing and will be released when they become available.
For the unstable distribution (sid) this is fixed in version 1:0.7-3
This upgrade is recommended if you use aircrack-ng.
Upgrade Instructions - --------------------
To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:
deb http://security.debian.org/ testing/updates main contrib non-free deb-src http://security.debian.org/ testing/updates main contrib non-free
To install the update, run this command as root:
apt-get update && apt-get install aircrack-ng
For further information about the Debian testing security team, please refer to http://secure-testing-master.debian.net/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGUyyvbxelr8HyTqQRAgFTAJwJBxgSz+zhijwz883/S/jLUx1VTgCgtkyB 72owAarOLrUpcSMVfcyK/Tk= =5HPR -----END PGP SIGNATURE-----
_______________________________________________ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
|
|
|
|