Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Ubuntu 6.10 USN-404-1 Critical: MadWifi Remote Code Execution Threat

Calendar Jan 09, 2007 User Avatar LinuxSecurity Advisories
2 - 3 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory remote code execution Ubuntu root access MadWifi linux-restricted-modules packet inspection
Laurent Butti, Jerome Razniewski, and Julien Tinnes discovered that the MadWifi wireless driver did not correctly check packet contents when receiving scan replies. A remote attacker could send a specially crafted packet and execute arbitrary code with root privileges. 
=========================================================== 
Ubuntu Security Notice USN-404-1           January 09, 2007
linux-restricted-modules-2.6.17 vulnerability
CVE-2006-6332
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.10:
  linux-restricted-modules-2.6.17-10-386            2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-generic        2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-powerpc        2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-powerpc-smp    2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-powerpc64-smp  2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-sparc64        2.6.17.7-10.1
  linux-restricted-modules-2.6.17-10-sparc64-smp    2.6.17.7-10.1

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

Laurent Butti, Jerome Razniewski, and Julien Tinnes discovered that the 
MadWifi wireless driver did not correctly check packet contents when 
receiving scan replies.  A remote attacker could send a specially 
crafted packet and execute arbitrary code with root privileges.


Updated packages for Ubuntu 6.10:

  Source archives:

          Size/MD5:    91232 214d9eb16acbaf284a8f82c11bd5d8b3
          Size/MD5:     2615 0901f5c273c79ec85bf56572899e335a
          Size/MD5: 94289230 283efe66f46b478dea207dac92b7e4e2

  Architecture independent packages:

          Size/MD5:    20046 fc9e08b82d203697e6edeb174e014d56

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:   476644 7dba162a9ea3618779d49ea813b39e63
          Size/MD5:  2128978 ddc1bc92aad390084f44851eba7f8f13
          Size/MD5:    77440 eb2d37f10a80e8e60cc4764e3e0830b9
          Size/MD5:   547416 df147ff036fc1778579e31c65ceee8b4
          Size/MD5:  6652168 5ab3b414242000d991cfdd26fe0ca790
          Size/MD5:   965684 9e8cc8f48186cdba5062946036503c0e
          Size/MD5:   319162 ca1b9585da5679f8244355249b0478e9
          Size/MD5:   168346 e820ff635b29d1aeaecc773c12f3ee72
          Size/MD5:   162282 cef82a40001c27a3327c840580f5cb52
          Size/MD5:  6082192 ff3111d4c7ed1fc6c6b4c35867d9430a
          Size/MD5:  7330456 4c2e0fdc8bd60681f60474ddf26061d6
          Size/MD5:  1755814 ac114a0980fafa0cf57c0756d9fd9527
          Size/MD5:  1383436 f67a1ee6614974b13237733b78645c62
          Size/MD5:    94004 552f5d8fc06e9aa59576da7b67f8131a
          Size/MD5:   133420 fb954d2e41883f01bba5509520c3b9ad
          Size/MD5: 16016566 ce33b64f6c5a9cd475ee1a18c9b53960

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:  1206196 12521a61773333c13508bfd7beaac419
          Size/MD5:  3426548 5c9430474ff8d62c3c25afb71e8d79b3
          Size/MD5:    74754 afb132196c1c7866b4cb99a3ba8732ed
          Size/MD5:   701646 7c4134ee10d0d7437524b1ead048ecc4
          Size/MD5:  7886310 f26bb6b9bae14b9852045a5ab0ac58af
          Size/MD5:  7681780 8557d4dada52b5599601ab350d4be024
          Size/MD5:   965576 de0a40c398b3d48e90ff6585d02141a4
          Size/MD5:   292854 a635d055aa568e4d86bcf0d2c9daf91f
          Size/MD5:   149150 1b0cb27d327e329a9f2feb43f25a698b
          Size/MD5:   141334 39f1cf2833fbf8cb7301ca7f0187e8f9
          Size/MD5:  3070318 f3258aa7cfb59dbc58c29fbc1c467fac
          Size/MD5:  4066148 d2cfe4aeae2d0853938b10c0fdcadd7c
          Size/MD5:  1695352 2c4696ca6aa4c33908d6318a0a4259a8
          Size/MD5:  1374146 6aefb6f339290ff9d9c843149e0c60a4
          Size/MD5:   140594 49a2b1a84dfbf8774c0ef71954365c79
          Size/MD5:   117454 39e407bfeef903aa2179b653d8023b22
          Size/MD5:  9402232 885507596f2251bfdc9a0e0fea5f8e00

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:  1284986 6a793b7f7f89487263e599e6348be2f4
          Size/MD5:   996346 4fb97a643472eb26b1cde62e18981bff
          Size/MD5:  1282644 5ace738a3764e18ddc8c39e54a75de86
          Size/MD5:   965672 6ae2f93d4bf75c23153d781a88753f4e
          Size/MD5:   287196 d6d299c4b86e52fca726007967017f09

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:   996316 f901be5d353afa46f6edcce65291ee0d
          Size/MD5:   996232 c3285d37a897b01a14748998974fbbd1

Ubuntu 6.10 USN-404-1 Critical: MadWifi Remote Code Execution Threat

ubuntu
Calendar Grey January 9, 2007
Dist Ubuntu Esm H88
Security announcement for Ubuntu concerning MadWifi driver that influences packet verification, potentially granting root privileges.
Laurent Butti, Jerome Razniewski, and Julien Tinnes discovered that the MadWifi wireless driver did not correctly check packet contents when receiving scan replies

Summary

Topics%20covered

Topics Covered

security advisory remote code execution Ubuntu root access MadWifi linux-restricted-modules packet inspection

Update Instructions

References

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-404-1 January 09, 2007

Topics%20covered

Topics Covered

security advisory remote code execution Ubuntu root access MadWifi linux-restricted-modules packet inspection

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here