Please note: This project is no longer active. The website is kept online for historic purposes only.
If you´re looking for a Linux driver for your Atheros WLAN device, you should continue here .

Ticket #967 (closed defect: fixed)

Opened 11 years ago

Last modified 11 years ago

[patch] unencrypted data packets are sent before WPA authentication succeeds

Reported by: xmxwx@asn.pl Assigned to:
Priority: critical Milestone: version 0.9.3
Component: madwifi: other Version: v0.9.2
Keywords: Cc:
Patch is attached: 1 Pending:

Description

This can be IMHO called a security flaw, since some data (notably, concerning network structure) can leak. In an extreme case, it seems possible to perform an active attack which could disrupt the authentication process and spoof the network traffic.

http: //dev.lintrack.org/browser/trunk/packages/madwifi/patches/011-suppress_plaintext.diff.bz2?format=raw

Signed-off-by: Michal Wrobel <xmxwx@asn.pl>

Attachments

011-suppress_plaintext.diff (0.6 kB) - added by xmxwx@asn.pl on 10/19/06 01:53:17.

Change History

10/19/06 01:53:17 changed by xmxwx@asn.pl

  • attachment 011-suppress_plaintext.diff added.

10/19/06 13:25:56 changed by mrenzmann

  • priority changed from major to critical.
  • version set to v0.9.2.
  • milestone set to version 0.9.3.

10/23/06 11:14:41 changed by kelmo

  • status changed from new to closed.
  • resolution set to fixed.

Applied: r1760.