Test ID:	1.3.6.1.4.1.25623.1.0.58370
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2007:082 (madwifi-source)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to madwifi-source announced via advisory MDKSA-2007:082. The ath_rate_sample function in the ath_rate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service (failed KASSERT and system crash) by moving a connected system to a location with low signal strength, and possibly other vectors related to a race condition between interface enabling and packet transmission. (CVE-2005-4835) MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service (system crash) via unspecified vectors that lead to a kernel panic in the ieee80211_input function, related to packets coming from a malicious WinXP system. (CVE-2006-7177) MadWifi before 0.9.3 does not properly handle reception of an AUTH frame by an IBSS node, which allows remote attackers to cause a denial of service (system crash) via a certain AUTH frame. (CVE-2006-7178) ieee80211_input.c in MadWifi before 0.9.3 does not properly process Channel Switch Announcement Information Elements (CSA IEs), which allows remote attackers to cause a denial of service (loss of communication) via a Channel Switch Count less than or equal to one, triggering a channel change. (CVE-2006-7179) ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of service (disrupted authentication) and conduct spoofing attacks. (CVE-2006-7180) Updated packages have been updated to 0.9.3 to correct this issue. Wpa_supplicant is built using madwifi-source and has been rebuilt using 0.9.3 source. Affected: 2007.0, 2007.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:082 Risk factor : High CVSS Score: 7.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-4835 http://www.mandriva.com/security/advisories?name=MDKSA-2007:082 http://madwifi.org/ticket/162 http://madwifi.org/ticket/279 http://secunia.com/advisories/24841 http://secunia.com/advisories/26083 SuSE Security Announcement: SUSE-SR:2007:014 (Google Search) http://www.novell.com/linux/security/advisories/2007_14_sr.html Common Vulnerability Exposure (CVE) ID: CVE-2006-7177 BugTraq ID: 23433 http://www.securityfocus.com/bid/23433 Bugtraq: 20070423 FLEA-2007-0012-1: madwifi (Google Search) http://www.securityfocus.com/archive/1/466689/30/6900/threaded http://madwifi.org/ticket/880 http://secunia.com/advisories/25861 http://www.ubuntu.com/usn/usn-479-1 Common Vulnerability Exposure (CVE) ID: CVE-2006-7178 BugTraq ID: 23431 http://www.securityfocus.com/bid/23431 http://security.gentoo.org/glsa/glsa-200704-15.xml http://secunia.com/advisories/24670 http://secunia.com/advisories/24931 http://www.vupen.com/english/advisories/2007/1187 Common Vulnerability Exposure (CVE) ID: CVE-2006-7179 BugTraq ID: 23436 http://www.securityfocus.com/bid/23436 http://dev.lintrack.org/ticket/101 http://www.osvdb.org/34645 Common Vulnerability Exposure (CVE) ID: CVE-2006-7180 BugTraq ID: 23434 http://www.securityfocus.com/bid/23434 XForce ISS Database: madwifi-wpa-weak-security(33514) https://exchange.xforce.ibmcloud.com/vulnerabilities/33514
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.