tutorial about web security computer networking: Real Wireless Vulnerability

At ShmooCon one talk discussed a somewhat obvious and not that exciting (to me) feature of Windows wireless networking. I don't consider automatic network connectivity to be a vulnerability, only a bad design choice. However, this morning I read this advisory on a real wireless vulnerability in FreeBSD's (and possible other BSD's) wireless code. From the advisory:


II.  Problem Description

An integer overflow in the handling of corrupt IEEE 802.11 beacon or
probe response frames when scanning for existing wireless networks can
result in the frame overflowing a buffer.

III. Impact

An attacker able broadcast a carefully crafted beacon or probe response
frame may be able to execute arbitrary code within the context of the
FreeBSD kernel on any system scanning for wireless networks.

That's cool. Insert wireless NIC, be 0wn3d. I'm glad I heard about this prior to Black Hat Federal next week.

tutorial about web security computer networking

Rabu, 18 Januari 2006

Real Wireless Vulnerability

Tidak ada komentar:

Posting Komentar