kern/72793: wicontrol prints out non-printable chars in BSS ID's
set by attacker
Dirk-Willem van Gulik
dirkx at webweaving.org
Sun Oct 17 12:20:29 PDT 2004
>Number: 72793
>Category: kern
>Synopsis: wicontrol prints out non-printable chars in BSS ID's set by attacker
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Oct 17 19:20:28 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Dirk-Willem van Gulik
>Release: Applies to all releases sofar
>Organization:
WebWeaving Internet Engineering
>Environment:
all releases; up to -CURRENT as of today
>Description:
See:
http://monkey.org/openbsd/archive/tech/0410/msg00817.html
where Olivier Cherrier posts a small patch against sbin/wicontrol/wicontrol.c to handle
weird non printable characters. Some wi cards have Ctl-XX or \n
characters into fields.
>How-To-Repeat:
Set up an (adhoc or managed) network from a PC or Apple with a strange network name; with cltr-A, terminal escapes or other strange char's. Then wicontrol or ifconfig with ANY/empty-string; let associate and do a wicontrol wi0.
Seems to not affect ifconfig -a output.
>Fix:
http://monkey.org/openbsd/archive/tech/0410/msg00817.html
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list