tag:blogger.com,1999:blog-4088979.post113758775195185651..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: Real Wireless VulnerabilityRichard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-4088979.post-1137803573375970342006-01-20T19:32:00.000-05:002006-01-20T19:32:00.000-05:00Jeff - yes. wlan.ko is updated below.soekris:/root...Jeff - yes. wlan.ko is updated below.<BR/><BR/>soekris:/root# uname -a<BR/>FreeBSD soekris.taosecurity.com 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Thu Nov 3 09:36:13 UTC 2005 root@x64.samsco.home:/usr/obj/usr/src/sys/GENERIC i386<BR/><BR/>soekris:/root# freebsd-update fetch<BR/>Fetching public key...<BR/>Fetching updates signature...<BR/>Fetching updates...<BR/>Fetching hash list signature...<BR/>Fetching hash list...<BR/>Examining local system...<BR/>Fetching updates...<BR/>/boot/kernel/ipfw.ko...<BR/>/boot/kernel/kernel...<BR/>/boot/kernel/linker.hints...<BR/>/boot/kernel/nfsclient.ko...<BR/>/boot/kernel/wlan.ko...<BR/>/usr/bin/cpio...<BR/>/usr/bin/edit...<BR/>/usr/bin/ee...<BR/>/usr/bin/ree...<BR/>/usr/bin/texindex...<BR/>/usr/share/man/man1/cpio.1.gz...<BR/>Updates fetched<BR/><BR/><BR/>To install these updates, run: '/usr/local/sbin/freebsd-update install'<BR/>soekris:/root# freebsd-update install<BR/>Backing up /boot/kernel/ipfw.ko...<BR/>Installing new /boot/kernel/ipfw.ko...<BR/>Backing up /boot/kernel/kernel...<BR/>Installing new /boot/kernel/kernel...<BR/>Backing up /boot/kernel/linker.hints...<BR/>Installing new /boot/kernel/linker.hints...<BR/>Backing up /boot/kernel/nfsclient.ko...<BR/>Installing new /boot/kernel/nfsclient.ko...<BR/>Backing up /boot/kernel/wlan.ko...<BR/>Installing new /boot/kernel/wlan.ko...<BR/>Backing up /usr/bin/cpio...<BR/>Installing new /usr/bin/cpio...<BR/>Backing up /usr/bin/edit...<BR/>Installing new /usr/bin/edit...<BR/>Backing up /usr/bin/ee...<BR/>Recreating hard link from /usr/bin/edit to /usr/bin/ee...<BR/>Backing up /usr/bin/ree...<BR/>Recreating hard link from /usr/bin/edit to /usr/bin/ree...<BR/>Backing up /usr/bin/texindex...<BR/>Installing new /usr/bin/texindex...<BR/>Backing up /usr/share/man/man1/cpio.1.gz...<BR/>Installing new /usr/share/man/man1/cpio.1.gz...<BR/>soekris:/root# shutdown -r now<BR/><BR/>soekris:/root# uname -a<BR/>FreeBSD soekris.taosecurity.com 6.0-SECURITY FreeBSD 6.0-SECURITY #0: Wed Jan 18 05:55:04 UTC 2006 root@builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1137800786810107342006-01-20T18:46:00.000-05:002006-01-20T18:46:00.000-05:00I have been keeping my FreeBSD 6.0 system up-to-da...I have been keeping my FreeBSD 6.0 system up-to-date using freebsd-update. Is this patch rolled out through the updates issued with freebsd-update or should I update using another source?<BR/><BR/>I too will be at Black Hat Federal 2006 next week and would like very much not to be owned when I fire up my laptop (although I don't start any of my interfaces at boot, I will probably be looking for some wi-fi at some point).<BR/><BR/>JeffAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1137701896359981372006-01-19T15:18:00.000-05:002006-01-19T15:18:00.000-05:00Is this the same vul. for which OpenBSD decided th...<I>Is this the same vul. for which OpenBSD decided that a fix will not be issued?</I><BR/><BR/>no<BR/><BR/><I>I thought that was an issue involving secure levels?</I><BR/><BR/>yesAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1137678014128749822006-01-19T08:40:00.000-05:002006-01-19T08:40:00.000-05:00I thought that was an issue involving secure level...I thought that was an issue involving secure levels?Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1137674836420211182006-01-19T07:47:00.000-05:002006-01-19T07:47:00.000-05:00Is this the same vul. for which OpenBSD decided th...Is this the same vul. for which OpenBSD decided that a fix will not be issued?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1137593163307208942006-01-18T09:06:00.000-05:002006-01-18T09:06:00.000-05:00Note that exploiting this issue does not require t...Note that exploiting this issue does not require that a system be connected to a wireless network -- rather, it simply requires that the system scan to determine which networks are available.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1137592487545646112006-01-18T08:54:00.000-05:002006-01-18T08:54:00.000-05:00Patched a few hours ago...ftp://ftp.freebsd.org/pu...Patched a few hours ago...<BR/><BR/>ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:05.80211.asc<BR/><BR/>http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/net80211/ieee80211_ioctl.cAnonymousnoreply@blogger.com