SUSE CVE-2005-4835

The athratesample function in the athrate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service failed KASSERT and system crash by moving a connected system to a location with low signal strength, and possibly other vectors related to a race...

SUSE CVE-2006-6332

Stack-based buffer overflow in net80211/ieee80211wireless.c in MadWifi before 0.9.2.1 allows remote attackers to execute arbitrary code via unspecified vectors, related to the encodeie and giwscancb functions...

SUSE CVE-2006-7178

MadWifi before 0.9.3 does not properly handle reception of an AUTH frame by an IBSS node, which allows remote attackers to cause a denial of service system crash via a certain AUTH frame...

SUSE CVE-2006-7179

ieee80211input.c in MadWifi before 0.9.3 does not properly process Channel Switch Announcement Information Elements CSA IEs, which allows remote attackers to cause a denial of service loss of communication via a Channel Switch Count less than or equal to one, triggering a channel change...

SUSE CVE-2007-2831

Array index error in the 1 ieee80211ioctlgetwmmparams and 2 ieee80211ioctlsetwmmparams functions in net80211/ieee80211wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service system crash, possibly obtain kernel memory contents, and possibly execute arbitrary code via ...

SUSE CVE-2007-2830

The athbeaconconfig function in ifath.c in MadWifi before 0.9.3.1 allows remote attackers to cause a denial of service system crash via crafted beacon interval information when scanning for access points, which triggers a divide-by-zero error...

SUSE CVE-2007-5448

Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial of service panic via a beacon frame with a large length value in the extended supported rates xrates element, which triggers an assertion error, related to net80211/ieee80211scanap.c and net80211/ieee80211scansta.c...

CVE-2006-7178

MadWifi before 0.9.3 does not properly handle reception of an AUTH frame by an IBSS node, which allows remote attackers to cause a denial of service system crash via a certain AUTH frame...

CVE-2006-7177

MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service system crash via unspecified vectors that lead to a kernel panic in the ieee80211input function, related to "packets coming from a 'malicious' WinXP system."...

CVE-2006-7180

ieee80211output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information related to network structure, and possibly cause a denial of service disrupted authentication and conduct spoofing attacks...

CVE-2005-4835

The athratesample function in the athrate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service failed KASSERT and system crash by moving a connected system to a location with low signal strength, and possibly other vectors related to a race...

Madwifi < 0.9.2.1 - SIOCGIWSCAN Buffer Overflow

No description provided by source. Madwifi remote kernel exploit 100% reliable, does'nt crash wifi stack, can exploit same target multiple times Julien TINNES julien at cr0.org Laurent BUTTI 0x9090 at gmail.com vuln in giwscancb, here's the path: ieee80211ioctlgiwscan - ieee80211scaniterate -...

Madwifi SIOCGIWSCAN Buffer Overflow

No description provided by source. $Id: madwifigiwscancb.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

Scientific Linux Security Update : madwifi on SL5.x, SL4.x i386/x86_64

Madwifi 0.9.3.1 Release note: http://madwifi.org/wiki/news/20070523/release-0-9-3-1-fixes-three-secu rity-issue Security fixes in 0.9.3.1 : - http://madwifi.org/ticket/1270 In the madwifi/ath component ifath.c handles the beacon configuration related initialization task both for clients and aps i...

Scientific Linux Security Update : madwifi on SL5.x i386/x86_64

Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial of service panic via a beacon frame with a large length value in the extended supported rates xrates element, which triggers an assertion error, related to net80211/ieee80211scanap.c and net80211/ieee80211scansta.c...

Madwifi - SIOCGIWSCAN Buffer Overflow (Metasploit)

$Id: madwifigiwscancb.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Madwifi SIOCGIWSCAN Buffer Overflow

Madwifi remote kernel exploit 100% reliable, does'nt crash wifi stack, can exploit same target multiple times Julien TINNES Laurent BUTTI vuln in giwscancb, here's the path: ieee80211ioctlgiwscan - ieee80211scaniterate - staiterate - giwscancb require 'msf/core' require 'metasm' class Metasploit3...

Ubuntu: Security Advisory (USN-404-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200704-15 (Madwifi-ng)

The remote host is missing updates announced in advisory GLSA 200704-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200612-09 (madwifi-ng)

The remote host is missing updates announced in advisory GLSA 200612-09. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...