USN-404-1: MadWifi vulnerability
Posted on: 01/09/2007 09:00 PM

A new MadWifi vulnerability update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-404-1 January 09, 2007
linux-restricted-modules-2.6.17 vulnerability
CVE-2006-6332
==========================
==========================
=========

A security issue affects the following Ubuntu releases:

Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.10:
linux-restricted-modules-2.6.17-10-386 2.6.17.7-10.1
linux-restricted-modules-2.6.17-10-generic 2.6.17.7-10.1
linux-restricted-modules-2.6.17-10-powerpc 2.6.17.7-10.1
linux-restricted-modules-2.6.17-10-powerpc-smp 2.6.17.7-10.1
linux-restricted-modules-2.6.17-10-powerpc64-smp 2.6.17.7-10.1
linux-restricted-modules-2.6.17-10-sparc64 2.6.17.7-10.1
linux-restricted-modules-2.6.17-10-sparc64-smp 2.6.17.7-10.1

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

Laurent Butti, Jerome Razniewski, and Julien Tinnes discovered that the
MadWifi wireless driver did not correctly check packet contents when
receiving scan replies. A remote attacker could send a specially
crafted packet and execute arbitrary code with root privileges.


Updated packages for Ubuntu 6.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-2.6.17_2.6.17.7-10.1.diff.gz
Size/MD5: 91232 214d9eb16acbaf284a8f82c11bd5d8b3
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-2.6.17_2.6.17.7-10.1.dsc
Size/MD5: 2615 0901f5c273c79ec85bf56572899e335a
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-2.6.17_2.6.17.7.orig.tar.gz
Size/MD5: 94289230 283efe66f46b478dea207dac92b7e4e2

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-common_2.6.17.7-10.1_all.deb
Size/MD5: 20046 fc9e08b82d203697e6edeb174e014d56

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/avm-fritz-firmware-2.6.17-10_3.11+2.6.17.7-10.1_amd64.deb
Size/MD5: 476644 7dba162a9ea3618779d49ea813b39e63
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/avm-fritz-kernel-source_3.11+2.6.17.7-10.1_amd64.deb
Size/MD5: 2128978 ddc1bc92aad390084f44851eba7f8f13
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/fglrx-control_8.28.8+2.6.17.7-10.1_amd64.deb
Size/MD5: 77440 eb2d37f10a80e8e60cc4764e3e0830b9
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/fglrx-kernel-source_8.28.8+2.6.17.7-10.1_amd64.deb
Size/MD5: 547416 df147ff036fc1778579e31c65ceee8b4
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-2.6.17-10-generic_2.6.17.7-10.1_amd64=
.deb
Size/MD5: 6652168 5ab3b414242000d991cfdd26fe0ca790
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/nic-restricted-firmware-2.6.17-10-generic-di_2.6.17.7-10.1_amd=
64.udeb
Size/MD5: 965684 9e8cc8f48186cdba5062946036503c0e
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/nic-restricted-modules-2.6.17-10-generic-di_2.6.17.7-10.1_amd6=
4.udeb
Size/MD5: 319162 ca1b9585da5679f8244355249b0478e9
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/nvidia-glx-dev_1.0.8776+2.6.17.7-10.1_amd64.deb
Size/MD5: 168346 e820ff635b29d1aeaecc773c12f3ee72
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/nvidia-glx-legacy-dev_1.0.7184+2.6.17.7-10.1_amd64.deb
Size/MD5: 162282 cef82a40001c27a3327c840580f5cb52
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/nvidia-glx-legacy_1.0.7184+2.6.17.7-10.1_amd64.deb
Size/MD5: 6082192 ff3111d4c7ed1fc6c6b4c35867d9430a
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/nvidia-glx_1.0.8776+2.6.17.7-10.1_amd64.deb
Size/MD5: 7330456 4c2e0fdc8bd60681f60474ddf26061d6
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/nvidia-kernel-source_1.0.8776+2.6.17.7-10.1_amd64.deb
Size/MD5: 1755814 ac114a0980fafa0cf57c0756d9fd9527
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/nvidia-legacy-kernel-source_1.0.7184+2.6.17.7-10.1_amd64.deb
Size/MD5: 1383436 f67a1ee6614974b13237733b78645c62
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/vmware-player-kernel-modules-2.6.17-10_2.6.17.7-10.1_amd64.deb
Size/MD5: 94004 552f5d8fc06e9aa59576da7b67f8131a
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/xorg-driver-fglrx-dev_7.1.0-8.28.8+2.6.17.7-10.1_amd64.deb
Size/MD5: 133420 fb954d2e41883f01bba5509520c3b9ad
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/xorg-driver-fglrx_7.1.0-8.28.8+2.6.17.7-10.1_amd64.deb
Size/MD5: 16016566 ce33b64f6c5a9cd475ee1a18c9b53960

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/avm-fritz-firmware-2.6.17-10_3.11+2.6.17.7-10.1_i386.deb
Size/MD5: 1206196 12521a61773333c13508bfd7beaac419
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/avm-fritz-kernel-source_3.11+2.6.17.7-10.1_i386.deb
Size/MD5: 3426548 5c9430474ff8d62c3c25afb71e8d79b3
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/fglrx-control_8.28.8+2.6.17.7-10.1_i386.deb
Size/MD5: 74754 afb132196c1c7866b4cb99a3ba8732ed
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/fglrx-kernel-source_8.28.8+2.6.17.7-10.1_i386.deb
Size/MD5: 701646 7c4134ee10d0d7437524b1ead048ecc4
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-2.6.17-10-386_2.6.17.7-10.1_i386.deb
Size/MD5: 7886310 f26bb6b9bae14b9852045a5ab0ac58af
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-2.6.17-10-generic_2.6.17.7-10.1_i386.=
deb
Size/MD5: 7681780 8557d4dada52b5599601ab350d4be024
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/nic-restricted-firmware-2.6.17-10-386-di_2.6.17.7-10.1_i386.ud=
eb
Size/MD5: 965576 de0a40c398b3d48e90ff6585d02141a4
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/nic-restricted-modules-2.6.17-10-386-di_2.6.17.7-10.1_i386.udeb
Size/MD5: 292854 a635d055aa568e4d86bcf0d2c9daf91f
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/nvidia-glx-dev_1.0.8776+2.6.17.7-10.1_i386.deb
Size/MD5: 149150 1b0cb27d327e329a9f2feb43f25a698b
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/nvidia-glx-legacy-dev_1.0.7184+2.6.17.7-10.1_i386.deb
Size/MD5: 141334 39f1cf2833fbf8cb7301ca7f0187e8f9
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/nvidia-glx-legacy_1.0.7184+2.6.17.7-10.1_i386.deb
Size/MD5: 3070318 f3258aa7cfb59dbc58c29fbc1c467fac
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/nvidia-glx_1.0.8776+2.6.17.7-10.1_i386.deb
Size/MD5: 4066148 d2cfe4aeae2d0853938b10c0fdcadd7c
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/nvidia-kernel-source_1.0.8776+2.6.17.7-10.1_i386.deb
Size/MD5: 1695352 2c4696ca6aa4c33908d6318a0a4259a8
http://security.ubuntu.com/ubuntu/pool/multiverse/l/linux-restricted-mo=
dules-2.6.17/nvidia-legacy-kernel-source_1.0.7184+2.6.17.7-10.1_i386.deb
Size/MD5: 1374146 6aefb6f339290ff9d9c843149e0c60a4
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/vmware-player-kernel-modules-2.6.17-10_2.6.17.7-10.1_i386.deb
Size/MD5: 140594 49a2b1a84dfbf8774c0ef71954365c79
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/xorg-driver-fglrx-dev_7.1.0-8.28.8+2.6.17.7-10.1_i386.deb
Size/MD5: 117454 39e407bfeef903aa2179b653d8023b22
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/xorg-driver-fglrx_7.1.0-8.28.8+2.6.17.7-10.1_i386.deb
Size/MD5: 9402232 885507596f2251bfdc9a0e0fea5f8e00

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-2.6.17-10-powerpc-smp_2.6.17.7-10.1_p=
owerpc.deb
Size/MD5: 1284986 6a793b7f7f89487263e599e6348be2f4
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-2.6.17-10-powerpc64-smp_2.6.17.7-10.1=
_powerpc.deb
Size/MD5: 996346 4fb97a643472eb26b1cde62e18981bff
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-2.6.17-10-powerpc_2.6.17.7-10.1_power=
pc.deb
Size/MD5: 1282644 5ace738a3764e18ddc8c39e54a75de86
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/nic-restricted-firmware-2.6.17-10-powerpc-di_2.6.17.7-10.1_pow=
erpc.udeb
Size/MD5: 965672 6ae2f93d4bf75c23153d781a88753f4e
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/nic-restricted-modules-2.6.17-10-powerpc-di_2.6.17.7-10.1_powe=
rpc.udeb
Size/MD5: 287196 d6d299c4b86e52fca726007967017f09

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-2.6.17-10-sparc64-smp_2.6.17.7-10.1_s=
parc.deb
Size/MD5: 996316 f901be5d353afa46f6edcce65291ee0d
http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-mo=
dules-2.6.17/linux-restricted-modules-2.6.17-10-sparc64_2.6.17.7-10.1_sparc=
.deb
Size/MD5: 996232 c3285d37a897b01a14748998974fbbd1


--SNIs70sCzqvszXB4
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFFo/LaH/9LqRcGPm0RApRfAJ9BgXjMbY+AWHvQlvZ+Y80nXQa5hACeLgSY
5L3umFWSrqW19F4aUdaoLvg=
=OCNA
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_404_1_madwifi_vulnerability.html)