[Bug 194122] New: add a security caution to wpa_supplicant.conf.5
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri Oct 3 21:21:12 UTC 2014
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194122
Bug ID: 194122
Summary: add a security caution to wpa_supplicant.conf.5
Product: Base System
Version: 11.0-CURRENT
Hardware: Any
OS: Any
Status: Needs Triage
Severity: Affects Many People
Priority: ---
Component: wireless
Assignee: freebsd-wireless at FreeBSD.org
Reporter: jhs at berklix.com
Created attachment 147946
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=147946&action=edit
patch for wpa_supplicant.conf.5
+ Security Caution, If you assert scan_ssid=1 (Instead of default scan_ssid=0):
+ .in +2
+ Instead of just sending a broadcast Probe Request frame,
+ FreeBSD would also send directed Probe Request frames with specific names.
+ Those network names would be observable to hostile 3rd parties,
+ & could be abused as per
+ http://www.bbc.com/news/technology-28891937
+ http://lists.freebsd.org/pipermail/freebsd-wireless/2014-October/005097.html
+ .in -2
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-wireless
mailing list