aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorremko <remko@FreeBSD.org>2006-02-14 17:57:31 +0800
committerremko <remko@FreeBSD.org>2006-02-14 17:57:31 +0800
commit99ebe309cba3196807339f6d84be2e608b0f0639 (patch)
treeb78aae23a2c01f4f48d8954c5d0c1c9602f0d207 /security
parent5ca110d5e442defa8c3b41cba9ff52f3a3317aeb (diff)
downloadfreebsd-ports-gnome-99ebe309cba3196807339f6d84be2e608b0f0639.tar.gz
freebsd-ports-gnome-99ebe309cba3196807339f6d84be2e608b0f0639.tar.zst
freebsd-ports-gnome-99ebe309cba3196807339f6d84be2e608b0f0639.zip
Document IEEE 802.11 -- buffer overflow (FreeBSD SA 06.05).
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml35
1 files changed, 35 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 1402ce405d50..406d48268779 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,41 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="dade3316-9d31-11da-8c1d-000e0c2e438a">
+ <topic>IEEE 802.11 -- buffer overflow</topic>
+ <affects>
+ <system>
+ <name>FreeBSD</name>
+ <range><gt>6.0</gt><lt>6.0_3</lt></range>
+ </system>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Problem description:</p>
+ <p>An integer overflow in the handling of corrupt IEEE 802.11
+ beacon or probe response frames when scanning for existing
+ wireless networks can result in the frame overflowing a
+ buffer.</p>
+ <p>Impact:</p>
+ <p>An attacker able broadcast a carefully crafted beacon or
+ probe response frame may be able to execute arbitrary code
+ within the context of the FreeBSD kernel on any system
+ scanning for wireless networks.</p>
+ <p>Workaround:</p>
+ <p>No workaround is available, but systems without IEEE 802.11
+ hardware or drivers loaded are not vulnerable.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2006-0226</cvename>
+ <freebsdsa>SA-06:05</freebsdsa>
+ </references>
+ <dates>
+ <discovery>2006-01-18</discovery>
+ <entry>2006-02-14</entry>
+ </dates>
+ </vuln>
+
<vuln vid="d7c1d00d-9d2e-11da-8c1d-000e0c2e438a">
<topic>ipfw -- IP fragment denial of service</topic>
<affects>