Re: [SECURITY] [DSA 1712-1] New rt2400 packages fix arbitrary code execution

To: rootusers@lists.playfire.com
Cc: tech@playfire.com, debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1712-1] New rt2400 packages fix arbitrary code execution
From: Chris Lamb <chris@playfire.com>
Date: Wed, 28 Jan 2009 22:19:37 +0000
Message-id: <[🔎] 20090128221937.07c6bcc3@sakaki.chris-lamb.co.uk>
In-reply-to: <20090128214531.GA5117@galadriel.inutil.org>
References: <20090128214531.GA5117@galadriel.inutil.org>

Moritz Muehlenhoff wrote:

> - ------------------------------------------------------------------------
> Debian Security Advisory DSA-1712-1                  security@debian.org
> http://www.debian.org/security/                       Moritz Muehlenhoff
> January 28, 2009                      http://www.debian.org/security/faq
> - ------------------------------------------------------------------------
> 
> Package        : rt2400
> Vulnerability  : integer overflow
> Problem type   : remote
> Debian-specific: no
> CVE Id(s)      : CVE-2009-0282
> 
> It was discovered that an integer overflow in the "Probe Request" packet
> parser of the Ralinktech wireless drivers might lead to remote denial of
> service or the execution of arbitrary code.

Not for us.


Regards,

-- 
Chris Lamb, www.playfire.com/lamby                        GPG: 0x634F9A20

Reply to:

Prev by Date: Re: [SECURITY] [DSA 1714-1] New rt2570 packages fix arbitrary code execution
Next by Date: Re: [SECURITY] [DSA 1713-1] New rt2500 packages fix arbitrary code execution
Previous by thread: Re: [SECURITY] [DSA 1714-1] New rt2570 packages fix arbitrary code execution
Next by thread: Re: [SECURITY] [DSA 1713-1] New rt2500 packages fix arbitrary code execution
Index(es):
- Date
- Thread