[ MDVSA-2015:028 ] aircrack-ng

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:028
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : aircrack-ng
 Date    : February 5, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated aircrack-ng package fixes security vulnerabilities:
 
 A length parameter inconsistency in Aircrack-ng before 1.2-rc1
 at aireplay tcp_test() which may lead to remote code execution
 (CVE-2014-8322).
 
 A missing check for data format in Aircrack-ng before 1.2-rc1 at
 buddy-ng which may lead to denial of service (CVE-2014-8323).
 
 A missing check for invalid values in Aircrack-ng before 1.2-rc1
 at airserv-ng net_get() which may lead to denial of service
 (CVE-2014-8324).
 __________________________________________

Leave a Reply