Technical Description

Multiple vulnerabilities were identified in Kismet, which could be exploited by remote attackers to execute arbitrary commands or cause a denial of service.

The first flaw is due to an error in the handling of unprintable characters in the SSID (the impact of this issue is currently unknown).

The second issue is due to integer underflow errors in the pcap handling, which could be exploited to cause heap corruption.

The third vulnerability is due to an integer underflow in CDP protocol dissector, which could be exploited by remote attackers to execute arbitrary commands.

Affected Products

Kismet versions prior to 2005-08-R1

Solution

Upgrade to Kismet version 2005-08-R1 :
http://www.kismetwireless.net/download.shtml

References

http://www.vupen.com/english/advisories/2005/1422
http://www.kismetwireless.net/blog/?entry=/kismet/entry-1124158146.txt
http://www.kismetwireless.net/CHANGELOG

Credits

Vulnerability reported by Stefan Esser and the vendor

ChangeLog

2005-08-16 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts with CVE, CWE, and CVSS when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.