Vigil@nce: Linux kernel, information disclosure via orinoco
January 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
The orinoco driver does not correctly process TKIP
Countermeasures, so an attacker can alter messages in order to
obtain information.
– Severity: 1/4
– Creation date: 07/01/2011
IMPACTED PRODUCTS
– Linux kernel
DESCRIPTION OF THE VULNERABILITY
The MIC (Message Integrity Check) is used to check if a WiFi
message was altered. If two MIC are invalid during one minute, the
TKIP Countermeasures procedure indicates to reinitialize sessions.
However, the orinoco driver reverses the activation logic of TKIP
Countermeasures.
An attacker can therefore alter messages in order to obtain
information with a brute force.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-information-disclosure-via-orinoco-10255