Advisories » MGASA-2013-0307

Updated aircrack-ng package fixes security vulnerability

Publication date: 17 Oct 2013
Modification date: 17 Oct 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2010-1159

Description

A buffer overflow vulnerability has been discovered in Aircrack-ng. A remote
attacker could entice a user to open a specially crafted dump file using
Aircrack-ng, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition (CVE-2010-1159).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=11402
• http://www.gentoo.org/security/en/glsa/glsa-201310-06.xml
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1159

SRPMS

2/core

• aircrack-ng-1.1-4.1.mga2

3/core

• aircrack-ng-1.1-5.1.mga3