[Secure-testing-commits] r5857 - in data/DTSA: . advs
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Thu May 17 09:11:12 UTC 2007
Author: stef-guest
Date: 2007-05-17 09:11:12 +0000 (Thu, 17 May 2007)
New Revision: 5857
Added:
data/DTSA/advs/33-aircrack-ng.adv
Modified:
data/DTSA/list
Log:
aircrack-ng adv
Added: data/DTSA/advs/33-aircrack-ng.adv
===================================================================
--- data/DTSA/advs/33-aircrack-ng.adv (rev 0)
+++ data/DTSA/advs/33-aircrack-ng.adv 2007-05-17 09:11:12 UTC (rev 5857)
@@ -0,0 +1,15 @@
+source: aircrack-ng
+date: May 16th, 2007
+author: Stefan Fritsch
+vuln-type: programming error
+problem-scope: remote
+debian-specifc: no
+cve: CVE-2007-2057
+vendor-advisory: http://www.nop-art.net/advisories/airodump-ng.txt
+testing-fix: 1:0.8-0.1lenny1
+sid-fix: 1:0.7-3
+upgrade: apt-get install aircrack-ng
+
+It was discovered that aircrack-ng, a WEP/WPA security analysis tool, performs
+insufficient validation of 802.11 authentication packets, which allows the
+execution of arbitrary code.
Modified: data/DTSA/list
===================================================================
--- data/DTSA/list 2007-05-17 08:55:36 UTC (rev 5856)
+++ data/DTSA/list 2007-05-17 09:11:12 UTC (rev 5857)
@@ -92,3 +92,7 @@
[March 3rd, 2007] DTSA-34-1 wordpress - cross-site scripting
{CVE-2007-1049 }
[etch] - wordpress 2.0.9-1
+[May 16th, 2007] DTSA-33-1 aircrack-ng - programming error
+ {CVE-2007-2057 }
+ - aircrack-ng 1:0.8-0.1lenny1
+ TODO: unreleased
More information about the Secure-testing-commits
mailing list