aircrack-ng adv

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5857 e39458fd-73e7-0310-bf30-c45bca0a0e42

2 files changed, 19 insertions, 0 deletions

diff --git a/data/DTSA/advs/33-aircrack-ng.adv b/data/DTSA/advs/33-aircrack-ng.adv
new file mode 100644
index 0000000000..c3715e1200
--- /dev/null
+++ b/data/DTSA/advs/33-aircrack-ng.adv
@@ -0,0 +1,15 @@
+source: aircrack-ng
+date: May 16th, 2007
+author: Stefan Fritsch
+vuln-type: programming error
+problem-scope: remote
+debian-specifc: no
+cve: CVE-2007-2057
+vendor-advisory: http://www.nop-art.net/advisories/airodump-ng.txt
+testing-fix: 1:0.8-0.1lenny1
+sid-fix: 1:0.7-3
+upgrade: apt-get install aircrack-ng
+
+It was discovered that aircrack-ng, a WEP/WPA security analysis tool, performs 
+insufficient validation of 802.11 authentication packets, which allows the 
+execution of arbitrary code.
diff --git a/data/DTSA/list b/data/DTSA/list
index 44a63d0604..e6e4f9e61e 100644
--- a/data/DTSA/list
+++ b/data/DTSA/list
@@ -92,3 +92,7 @@
 [March 3rd, 2007] DTSA-34-1 wordpress - cross-site scripting
 	{CVE-2007-1049 }
 	[etch] - wordpress 2.0.9-1
+[May 16th, 2007] DTSA-33-1 aircrack-ng - programming error
+	{CVE-2007-2057 }
+	- aircrack-ng 1:0.8-0.1lenny1
+	TODO: unreleased