Upstream information

CVE-2006-7180 at MITRE

Description

ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of service (disrupted authentication) and conduct spoofing attacks.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 6.8
Vector AV:N/AC:M/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entry: 263783 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 10 SP1 for x86
  • madwifi-kmp-bigsmp >= 0.9.3_2.6.16.46_0.12-6.6
  • madwifi-kmp-default >= 0.9.3_2.6.16.46_0.12-6.6
  • madwifi-kmp-smp >= 0.9.3_2.6.16.46_0.12-6.6
Builds
ZYPP Patch Nr: 2978
SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T
  • madwifi-kmp-default >= 0.9.3_2.6.16.46_0.12-6.6
  • madwifi-kmp-smp >= 0.9.3_2.6.16.46_0.12-6.6
Builds
ZYPP Patch Nr: 2978