

Kismet/Wireless

Kismet and Wireless Stuff ... Extended development logs, up and coming features, and general wireless link-whorery.



Security release 2005-08-R1

Released version 2005-08-R1, addressing several potentially critical security flaws:

1. Handling of unprintable characters in the SSID. I still can't replicate this one myself, but people reported it, and I've made the handling of unprintables much more obvious and correct.

2. Integer underflows in pcap handling. These were meaningless for normal operation (only applied to kernel headers, and if you own the kernel, owning kismet is pointless) but they could cause heap corruption/exploitation on replaying a pcapfile w/ kernel headers.

3. Integer underflow in data frame dissection. This is the most serious, and could lead to heap exploits with malformed remote data.

I still don't have info about the exact nature of the exploits announced at Defcon, but I can't wait any longer. The current issues fixed are serious, and may encompass the announced exploits.

All the reasons I've been given for the absence of information are reasonable, but I wish it didn't have to be handled this way.

Apologies to everyone running Kismet for the security problems, and hopefully something this serious won't creep in again. (And hopefully if I ever get the details on the problems, I'll have already fixed them.)

Posted by Dragorn at 7:09PM PDT / Mon 15 Aug 2005 [ /kismet | # ]
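The class of bug named in item 3, shown as an added example that is not Kismet's code or its actual fix: an unsigned length subtraction that wraps on a short frame, beside a version that validates the captured length first. The function names and the fixed header sizes (24-byte 802.11 data header, 8-byte LLC/SNAP) are assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HDR_LEN 24u /* assumed: 802.11 data header, no QoS or 4th address */
#define LLC_LEN 8u  /* assumed: LLC/SNAP header that follows it */

/* Unchecked pattern: size_t subtraction wraps when caplen < 32,
 * yielding a huge "payload length" that a later copy would trust. */
size_t payload_len_unchecked(size_t caplen) {
    return caplen - HDR_LEN - LLC_LEN;
}

/* Checked pattern: reject frames too short to hold both headers
 * before doing any subtraction. Returns 0 on success, -1 otherwise. */
int payload_len_checked(size_t caplen, size_t *out) {
    if (out == NULL || caplen < HDR_LEN + LLC_LEN)
        return -1;
    *out = caplen - HDR_LEN - LLC_LEN;
    return 0;
}

/* Copy the payload into a fixed buffer, refusing truncated frames
 * and payloads larger than the destination. */
int copy_payload(const uint8_t *frame, size_t caplen,
                 uint8_t *dst, size_t dstcap, size_t *copied) {
    size_t n;
    if (frame == NULL || dst == NULL || copied == NULL)
        return -1;
    if (payload_len_checked(caplen, &n) != 0 || n > dstcap)
        return -1;
    memcpy(dst, frame + HDR_LEN + LLC_LEN, n);
    *copied = n;
    return 0;
}

int main(void) {
    uint8_t frame[40] = {0}; /* constructed sample frame, all zeros */
    uint8_t dst[16];
    size_t n = 0;
    printf("unchecked length for 10-byte frame: %zu\n", payload_len_unchecked(10));
    printf("checked copy, 10-byte frame: %d\n", copy_payload(frame, 10, dst, sizeof dst, &n));
    printf("checked copy, 40-byte frame: %d\n", copy_payload(frame, 40, dst, sizeof dst, &n));
    return 0;
}
```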





dragorn@kismetwireless.net