Shostack + Friends Blog Archive


BSD Kernel Stack Overflow

An integer overflow in the handling of corrupt IEEE 802.11 beacon or
probe response frames when scanning for existing wireless networks can
result in the frame overflowing a buffer.

From the FreeBSD Advisory. Researcher advisory is at No word yet on if Macs are vulnerable. I think Richard at TaoSecurity sums it up well:

That’s cool. Insert wireless NIC, be 0wn3d. I’m glad I heard about this prior to Black Hat Federal next week.