Faidon Liambotis wrote: > Luk Claes wrote: >>> CVE-2007-5448[0]: >>> | Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial >>> | of service (panic) via a beacon frame with a large length value in the >>> | extended supported rates (xrates) element, which triggers an assertion >>> | error, related to net80211/ieee80211_scan_ap.c and >>> | net80211/ieee80211_scan_sta.c. >>> >>> If you fix this vulnerability please also include the CVE id >>> in your changelog entry. >>> >>> This is fixed in upstream svn on: >>> http://madwifi.org/changeset/2736 >>> >>> For further information: >>> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5448 >> Can you please upload a fixed package to stable? > This is remotely exploitable over the air -- an attacker could send a > specially crafted packet with his wireless device and crash all affected > systems literally around him. Imagine exploiting this e.g. on a DebConf. > > IMHO (I'm not a maintainer) this should be fixed ASAP in stable-security > and the DSA should include that manual action is required to actually > fix this (rebuilding and reloading the kernel modules).
non-free is not supported by the security team, that's why I ask the maintainer to upload it... Cheers Luk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]