oss-security February 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: [oss-security] CVE request: aircrack-ng

[oss-security] CVE request: aircrack-ng

From: Marc Deslauriers <marc.deslauriers_at_nospam>
Date: Mon Feb 14 2011 - 23:54:57 GMT
To: oss-security@lists.openwall.com

Hello,

I can't seem to locate a CVE for this issue:

"Remote buffer overflow in aircrack-ng causes DOS and possible code
execution"
http://seclists.org/bugtraq/2010/Mar/236
http://pyrit.wordpress.com/2010/03/28/remote-exploit-against-aircrack-ng/

version 1.1 was released with the following fix:
http://trac.aircrack-ng.org/changeset/1676

This bug was then opened stating the fix was incomplete:
http://trac.aircrack-ng.org/ticket/728
https://bugzilla.redhat.com/show_bug.cgi?id=577654

And then the following commits were done post-1.1:
http://trac.aircrack-ng.org/changeset/1683
http://trac.aircrack-ng.org/changeset/1687
http://trac.aircrack-ng.org/changeset/1699
http://trac.aircrack-ng.org/changeset/1701
http://trac.aircrack-ng.org/changeset/1702

Thanks,

Marc.