wifirxpower Local Buffer Overflow

wifirxpower suffers from local stack-based buffer overflow vulnerability.


MD5 | 092dc9f1d941efb008d30b85d5b5aefd

[+] Title: wifirxpower - Local Stack Based Buffer Overflow
[+] Credits / Discovery: Nassim Asrir
[+] Author Email: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/
[+] Author Company: Henceforth
[+] CVE: N/A

Vendor:
===============

https://github.com/cnlohr/wifirxpower


Download:
===========

https://github.com/cnlohr/wifirxpower


Vulnerability Type:
===================

Local Stack Based Buffer Overflow


issue:
===================

'wifirx.c' contain a vulnerable code in the line '111' the developer use the 'strcpy' function and does not check the buffer destination and cause a Stack Oveflow.

Vulnerable Code (102 - 124) wifirx.c:
===================
int GetQuality( const char * interface, int * noise )
{
int sockfd;
struct iw_statistics stats;
struct iwreq req;


memset(&stats, 0, sizeof(stats));
memset(&req, 0, sizeof(struct iwreq));
strcpy( req.ifr_name, interface );
req.u.data.pointer = &stats;
req.u.data.length = sizeof(struct iw_statistics);
#ifdef CLEAR_UPDATED
req.u.data.flags = 1;
Related Posts