Antichat снова доступен.
Форум Antichat (Античат) возвращается и снова открыт для пользователей.
Здесь обсуждаются безопасность, программирование, технологии и многое другое.
Сообщество снова собирается вместе.
Новый адрес: forum.antichat.xyz
 |
Wi-Fi Bug Found in Linux Driver |
26.04.2007, 21:39
|
|
Постоянный
Регистрация: 08.01.2006
Сообщений: 865
Провел на форуме:
3279330
Репутация:
343
|
|
Wi-Fi Bug Found in Linux Driver
A bug has been found in a major Linux Wi-Fi driver that can allow an attacker to take control of a laptop -- even when it is not on a Wi-Fi network.
There have not been many Linux Wi-Fi device drivers, and this is apparently the first remotely executable Wi-Fi bug. It affects the widely used MadWi-Fi Linux kernel device driver for Atheros-based Wi-Fi chipsets, according to Laurent Butti, a researcher from France Telecom Orange, who found the flaw and released the information in a presentation at last month's Black Hat conference in Amsterdam.
"You may be vulnerable if you do not manually patch your MadWi-Fi driver," said Butti. Before making it public, he shared the flaw with the MadWi-Fi development team, who have released a patch. However, not all Linux distributions have yet built the patch into their code, said Butti.
The kernel stack-overflow bug lets an attacker run malicious code, and can be used even if the machine is not actively on a Wi-Fi network, according to Butti, who used "fuzzing" techniques which had been shown by David Maynor and "Johnny Cache" Jon Ellch, at last year's Black Hat USA conference, and previously exploited on Windows and Macintosh systems.
Linux users have previously suffered from a shortage of Linux drivers, and have campaigned to get wireless networks supported in the Linux kernel. With fewer Linux laptops on Wi-Fi networks, security experts -- and presumably hackers -- have taken longer to get round to Linux drivers, but issue of handling remote data at the kernel level can cause trouble on the open source OS just as easily as any other.
Butti has previously developed the RAW series of proof-of-concept hacker tools. He also found the Windows Wi-Fi flaw by fuzzing, during the Month of Kernel Bugs last year.
Fuzzing is a blessing, according to Butti, because it is a low-cost way for security researchers to uncover obvious bugs that may get overlooked, and exploited by hackers. In future, he expects fuzzing to reveal bugs in other wireless technologies like WiMax, and wireless USB, as well as many more bugs in the extensions that are regularly added to Wi-Fi
(c) pcworld.com
|
|
|
06.05.2007, 00:16
|
|
Новичок
Регистрация: 30.04.2007
Сообщений: 23
Провел на форуме:
69900
Репутация:
15
|
|
Already patched... Most Linux distributions who use Mad Wi-Fi have patched it, the others just don't have it at all.
|
|
|
|
|
|
|
Здесь присутствуют: 1 (пользователей: 0 , гостей: 1)
|
|
|
|
Похожие темы
Линейный вид
