C-Note-07-016: Aircrack-ng Buffer Overflow Vulnerability (04/25/07)

The aircrack-ng suite is a group of related programs that can be used to recover WEP and WPA-PSK keys from active 802.11 wireless networks. The airodump-ng program, which is a part of the aircrack-ng suite, contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow an attacker to execute arbitrary code.

This advisories are posted at: http://www.kb.cert.org/vuls/id/349828
http://www.debian.org/security/2007/dsa-1280

CIAC would like to thank US-CERT for this information.