Problem description:
An integer overflow in the handling of corrupt IEEE 802.11 beacon or probe response frames when scanning for existing wireless networks can result in the frame overflowing a buffer.
Impact:
An attacker able broadcast a carefully crafted beacon or probe response frame may be able to execute arbitrary code within the context of the FreeBSD kernel on any system scanning for wireless networks.
Workaround:
No workaround is available, but systems without IEEE 802.11 hardware or drivers loaded are not vulnerable.
Disclaimer: The data contained on this page is derived from the VuXML document, please refer to the the original document for copyright information. The author of portaudit makes no claim of authorship or ownership of any of the information contained herein.
If you have found a vulnerability in a FreeBSD port not listed in the database, please contact the FreeBSD Security Officer. Refer to "FreeBSD Security Information" for more information.