MadWifi vulnerabilities

2007-06-29T00:00:00
ID USN-479-1
Type ubuntu
Reporter Ubuntu
Modified 2007-06-29T00:00:00

Description

Multiple flaws in the MadWifi driver were discovered that could lead to a system crash. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. (CVE-2006-7177, CVE-2006-7178, CVE-2006-7179, CVE-2007-2829, CVE-2007-2830)

A flaw was discovered in the MadWifi driver that would allow unencrypted network traffic to be sent prior to finishing WPA authentication. A physically near-by attacker could capture this, leading to a loss of privacy, denial of service, or network spoofing. (CVE-2006-7180)

A flaw was discovered in the MadWifi driver’s ioctl handling. A local attacker could read kernel memory, or crash the system, leading to a denial of service. (CVE-2007-2831)