linux-wlan-ng susceptible to a 'Etherleak' attack?

To: debian-devel@lists.debian.org
Subject: linux-wlan-ng susceptible to a 'Etherleak' attack?
From: Brent Miller <yidaki2@yahoo.com>
Date: Sat, 13 Sep 2003 21:55:55 -0700 (PDT)
Message-id: <[🔎] 20030914045555.33865.qmail@web41306.mail.yahoo.com>

Hello everyone,

While playing around with the nessus network scanning
program today I noticed that when I scan my wireless
laptop (using the linux-wlan-ng drivers), nessus
informs me that my ethernet driver is susceptible to a
'Etherleak' attack. This struck me as being weird as I
remember seeing a security advisory just a little
while ago saying to upgrade the kernel as this had
been discovered and fixed. So just out of curiosity, I
took out my wireless card and put in an old ethernet
card and the warning went away.

Since I'm not too sure how to carry out the attack,
and I don't know if the vulnerability really exists or
is just a false positive within nessus, can anybody
else confirm this?

Both the machine running nessus (2.0.7-2) and the
laptop are running unstable and the laptop has:
    linux-wlan-ng 0.2.0-12 w/ modules compiled against
    kernel-source-2.4.21 2.4.21-5,
    kernel-image 2.4.21-5-586tsc,
    wireless card is a netgear MA401,
    ethernet card is a linksys PCM100,

Please include me in the cc as I'm not on the list.

Thanks,
Brent

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

Reply to:

Follow-Ups:
- Re: linux-wlan-ng susceptible to a 'Etherleak' attack?
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Accepted pydance 0.8.1-1 (all source)
Next by Date: Re: Done
Previous by thread: Accepted pydance 0.8.1-1 (all source)
Next by thread: Re: linux-wlan-ng susceptible to a 'Etherleak' attack?
Index(es):
- Date
- Thread