CVE-2006-6332 Madwifi Wireless Driver Buffer Overflow Vulnerability Advisory

Vulnerability Key Information Vulnerability ID: VU#925529 Vulnerability Name: Madwifi Wireless Driver Buffer Overflow Vulnerability Original Release Date: 2006-12-08 Last Revised Date: 2007-01-10 Vulnerability Overview: A buffer overflow vulnerability exists in the Madwifi wireless driver. Successful exploitation may allow an attacker to execute arbitrary code or cause a denial of service. Vulnerability Description: The Madwifi driver is a Linux kernel device driver for Atheros-based 802.11 a/b/g compatible wireless network cards. The vulnerability arises from improper handling of management frames during processing of probe response information elements. An attacker within wireless range can trigger the vulnerability by sending specific 802.11 management frames. 802.11b and 802.11g management frames are unencrypted; wireless encryption (WEP/WPA) does not mitigate this vulnerability. Impact: Remote, unauthenticated attackers within radio range may execute arbitrary code with kernel privileges or cause a denial of service. Solution: The Madwifi team has released an update to fix this issue. Users who did not compile the kernel from source should refer to the affected systems section in the documentation. Vendor Information: Affected: Gentoo Linux, MadWifi, Novell Not Affected: Debian GNU/Linux, Fedora Project, Openwall GNU/LINUX, Red Hat Unknown: Conectiva Inc, Engarde Secure Linux, Hewlett-Packard Company CVSS Metrics: Du Lin Bi Li Move mined CVE ID: CVE-2006-6332 Severity Metric: 3.37 Public Disclosure Date: 2006-12-07 First Published Date: 2006-12-08 Last Updated Date: 2007-01-10 16:44 UTC Document Revision: 36

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-6332 Madwifi Wireless Driver Buffer Overflow Vulnerability Advisory