Back to list
Madwifi DoS vulnerability
Oct 17 2007 12:44AM
Raul Siles (raul siles gmail com)
Re: Madwifi DoS vulnerability
Oct 18 2007 11:49AM
Robin Wood (dninja gmail com)
Madwifi have now released v0.9.3.3 which fixes this vulnerability.
The karma patch for 0.9.3.2 will work on this new version.
On 17/10/2007, Raul Siles <raul.siles (at) gmail (dot) com [email concealed]> wrote:
> Hi everyone,
> A malicious AP could broadcast specially crafted beacons and cause a
> DoS in all madwifi wireless clients :(
> It seems wireless fuzzing continues evolving. Take a look at the
> upcoming presentation in BH Japan:
> Raul Siles
> - From SANS Newsbites:
> 11. MadWifi Xrates Element Remote Denial of Service Vulnerability
> BugTraq ID: 26052
> Remote: Yes
> Date Published: 2007-10-12
> Relevant URL: http://www.securityfocus.com/bid/26052
> MadWifi is prone to a remote denial-of-service vulnerability because
> the application limits the size of the extended supported rates
> element in beacon frames transmitted from wireless access points.
> An attacker can exploit this issue to cause the affected computer to
> crash, denying further service to legitimate users.
> This issue affects MadWifi 0.9.3.2 and prior versions.
[ reply ]
Copyright 2010, SecurityFocus