LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu: MadWifi vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu Laurent Butti, Jerome Razniewski, and Julien Tinnes discovered that the MadWifi wireless driver did not correctly check packet contents when receiving scan replies. A remote attacker could send a specially crafted packet and execute arbitrary code with root privileges.
=========================================================== 
Ubuntu Security Notice USN-404-1           January 09, 2007
linux-restricted-modules-2.6.17 vulnerability
CVE-2006-6332
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.10:
  linux-restricted-modules-2.6.17-10-386            2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-generic        2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-powerpc        2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-powerpc-smp    2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-powerpc64-smp  2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-sparc64        2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-sparc64-smp    2.6.17.7-10.1

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

Laurent Butti, Jerome Razniewski, and Julien Tinnes discovered that the 
MadWifi wireless driver did not correctly check packet contents when 
receiving scan replies.  A remote attacker could send a specially 
crafted packet and execute arbitrary code with root privileges.


Updated packages for Ubuntu 6.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-2.6.17_2.6.17.7-10.1.diff.gz
      Size/MD5:    91232 214d9eb16acbaf284a8f82c11bd5d8b3
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-2.6.17_2.6.17.7-10.1.dsc
      Size/MD5:     2615 0901f5c273c79ec85bf56572899e335a
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-2.6.17_2.6.17.7.orig.tar.gz
      Size/MD5: 94289230 283efe66f46b478dea207dac92b7e4e2

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-common_2.6.17.7-10.1_all.deb
      Size/MD5:    20046 fc9e08b82d203697e6edeb174e014d56

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/avm-fritz-firmware-2.6.17-10_3.11+2.6.17.7-10.1_amd64.deb
      Size/MD5:   476644 7dba162a9ea3618779d49ea813b39e63
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/avm-fritz-kernel-source_3.11+2.6.17.7-10.1_amd64.deb
      Size/MD5:  2128978 ddc1bc92aad390084f44851eba7f8f13
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/fglrx-control_8.28.8+2.6.17.7-10.1_amd64.deb
      Size/MD5:    77440 eb2d37f10a80e8e60cc4764e3e0830b9
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/fglrx-kernel-source_8.28.8+2.6.17.7-10.1_amd64.deb
      Size/MD5:   547416 df147ff036fc1778579e31c65ceee8b4
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-2.6.17-10-generic_2.6.17.7-10.1_amd64.deb
      Size/MD5:  6652168 5ab3b414242000d991cfdd26fe0ca790
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/nic-restricted-firmware-2.6.17-10-generic-di_2.6.17.7-10.1_amd64.udeb
      Size/MD5:   965684 9e8cc8f48186cdba5062946036503c0e
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/nic-restricted-modules-2.6.17-10-generic-di_2.6.17.7-10.1_amd64.udeb
      Size/MD5:   319162 ca1b9585da5679f8244355249b0478e9
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/nvidia-glx-dev_1.0.8776+2.6.17.7-10.1_amd64.deb
      Size/MD5:   168346 e820ff635b29d1aeaecc773c12f3ee72
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/nvidia-glx-legacy-dev_1.0.7184+2.6.17.7-10.1_amd64.deb
      Size/MD5:   162282 cef82a40001c27a3327c840580f5cb52
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/nvidia-glx-legacy_1.0.7184+2.6.17.7-10.1_amd64.deb
      Size/MD5:  6082192 ff3111d4c7ed1fc6c6b4c35867d9430a
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/nvidia-glx_1.0.8776+2.6.17.7-10.1_amd64.deb
      Size/MD5:  7330456 4c2e0fdc8bd60681f60474ddf26061d6
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/nvidia-kernel-source_1.0.8776+2.6.17.7-10.1_amd64.deb
      Size/MD5:  1755814 ac114a0980fafa0cf57c0756d9fd9527
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/nvidia-legacy-kernel-source_1.0.7184+2.6.17.7-10.1_amd64.deb
      Size/MD5:  1383436 f67a1ee6614974b13237733b78645c62
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/vmware-player-kernel-modules-2.6.17-10_2.6.17.7-10.1_amd64.deb
      Size/MD5:    94004 552f5d8fc06e9aa59576da7b67f8131a
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/xorg-driver-fglrx-dev_7.1.0-8.28.8+2.6.17.7-10.1_amd64.deb
      Size/MD5:   133420 fb954d2e41883f01bba5509520c3b9ad
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/xorg-driver-fglrx_7.1.0-8.28.8+2.6.17.7-10.1_amd64.deb
      Size/MD5: 16016566 ce33b64f6c5a9cd475ee1a18c9b53960

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/avm-fritz-firmware-2.6.17-10_3.11+2.6.17.7-10.1_i386.deb
      Size/MD5:  1206196 12521a61773333c13508bfd7beaac419
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/avm-fritz-kernel-source_3.11+2.6.17.7-10.1_i386.deb
      Size/MD5:  3426548 5c9430474ff8d62c3c25afb71e8d79b3
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/fglrx-control_8.28.8+2.6.17.7-10.1_i386.deb
      Size/MD5:    74754 afb132196c1c7866b4cb99a3ba8732ed
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/fglrx-kernel-source_8.28.8+2.6.17.7-10.1_i386.deb
      Size/MD5:   701646 7c4134ee10d0d7437524b1ead048ecc4
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-2.6.17-10-386_2.6.17.7-10.1_i386.deb
      Size/MD5:  7886310 f26bb6b9bae14b9852045a5ab0ac58af
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-2.6.17-10-generic_2.6.17.7-10.1_i386.deb
      Size/MD5:  7681780 8557d4dada52b5599601ab350d4be024
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/nic-restricted-firmware-2.6.17-10-386-di_2.6.17.7-10.1_i386.udeb
      Size/MD5:   965576 de0a40c398b3d48e90ff6585d02141a4
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/nic-restricted-modules-2.6.17-10-386-di_2.6.17.7-10.1_i386.udeb
      Size/MD5:   292854 a635d055aa568e4d86bcf0d2c9daf91f
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/nvidia-glx-dev_1.0.8776+2.6.17.7-10.1_i386.deb
      Size/MD5:   149150 1b0cb27d327e329a9f2feb43f25a698b
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/nvidia-glx-legacy-dev_1.0.7184+2.6.17.7-10.1_i386.deb
      Size/MD5:   141334 39f1cf2833fbf8cb7301ca7f0187e8f9
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/nvidia-glx-legacy_1.0.7184+2.6.17.7-10.1_i386.deb
      Size/MD5:  3070318 f3258aa7cfb59dbc58c29fbc1c467fac
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/nvidia-glx_1.0.8776+2.6.17.7-10.1_i386.deb
      Size/MD5:  4066148 d2cfe4aeae2d0853938b10c0fdcadd7c
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/nvidia-kernel-source_1.0.8776+2.6.17.7-10.1_i386.deb
      Size/MD5:  1695352 2c4696ca6aa4c33908d6318a0a4259a8
    http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-modules-2.6.17/nvidia-legacy-kernel-source_1.0.7184+2.6.17.7-10.1_i386.deb
      Size/MD5:  1374146 6aefb6f339290ff9d9c843149e0c60a4
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/vmware-player-kernel-modules-2.6.17-10_2.6.17.7-10.1_i386.deb
      Size/MD5:   140594 49a2b1a84dfbf8774c0ef71954365c79
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/xorg-driver-fglrx-dev_7.1.0-8.28.8+2.6.17.7-10.1_i386.deb
      Size/MD5:   117454 39e407bfeef903aa2179b653d8023b22
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/xorg-driver-fglrx_7.1.0-8.28.8+2.6.17.7-10.1_i386.deb
      Size/MD5:  9402232 885507596f2251bfdc9a0e0fea5f8e00

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-2.6.17-10-powerpc-smp_2.6.17.7-10.1_powerpc.deb
      Size/MD5:  1284986 6a793b7f7f89487263e599e6348be2f4
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-2.6.17-10-powerpc64-smp_2.6.17.7-10.1_powerpc.deb
      Size/MD5:   996346 4fb97a643472eb26b1cde62e18981bff
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-2.6.17-10-powerpc_2.6.17.7-10.1_powerpc.deb
      Size/MD5:  1282644 5ace738a3764e18ddc8c39e54a75de86
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/nic-restricted-firmware-2.6.17-10-powerpc-di_2.6.17.7-10.1_powerpc.udeb
      Size/MD5:   965672 6ae2f93d4bf75c23153d781a88753f4e
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/nic-restricted-modules-2.6.17-10-powerpc-di_2.6.17.7-10.1_powerpc.udeb
      Size/MD5:   287196 d6d299c4b86e52fca726007967017f09

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-2.6.17-10-sparc64-smp_2.6.17.7-10.1_sparc.deb
      Size/MD5:   996316 f901be5d353afa46f6edcce65291ee0d
    http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.17/linux-restricted-modules-2.6.17-10-sparc64_2.6.17.7-10.1_sparc.deb
      Size/MD5:   996232 c3285d37a897b01a14748998974fbbd1


 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Infosec geniuses hack a Canon PRINTER and install DOOM
How network virtualization is used as a security tool
Here's What Hackers Can Do With Your CRM Data
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.