wifirxpower suffers from local stack-based buffer overflow vulnerability.
092dc9f1d941efb008d30b85d5b5aefd[+] Title: wifirxpower - Local Stack Based Buffer Overflow
[+] Credits / Discovery: Nassim Asrir
[+] Author Email: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/
[+] Author Company: Henceforth
[+] CVE: N/A
Vendor:
===============
https://github.com/cnlohr/wifirxpower
Download:
===========
https://github.com/cnlohr/wifirxpower
Vulnerability Type:
===================
Local Stack Based Buffer Overflow
issue:
===================
'wifirx.c' contain a vulnerable code in the line '111' the developer use the 'strcpy' function and does not check the buffer destination and cause a Stack Oveflow.
Vulnerable Code (102 - 124) wifirx.c:
===================
int GetQuality( const char * interface, int * noise )
{
int sockfd;
struct iw_statistics stats;
struct iwreq req;
memset(&stats, 0, sizeof(stats));
memset(&req, 0, sizeof(struct iwreq));
strcpy( req.ifr_name, interface );
req.u.data.pointer = &stats;
req.u.data.length = sizeof(struct iw_statistics);
#ifdef CLEAR_UPDATED
req.u.data.flags = 1;