aircrack airserv-ng crashes with telnet
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
aircrack-ng (Ubuntu) | New | Undecided | carloslp | |
Bug Description
I started airserv on default port (666) and then connected to it via telnet.
I typed "foo" and it crash dumped.
If you need me to reproduce with debug symbols, let me know.
$ sudo gdb --args airserv-ng -d mon0 -v 3
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-
warning: not using untrusted file "/home/
(no debugging symbols found)
(gdb) r
Starting program: /usr/sbin/
Opening card mon0
Setting chan 1
Opening sock port 666
Serving mon0 chan 1 on port 666
Connect from 127.0.0.1
PLEN 1869548810 type 102 len 2048
airserv-ng: network.c:138: net_get: Assertion `plen <= *len' failed.
Program received signal SIGABRT, Aborted.
0x00007f9892571fb5 in *__GI_raise (sig=<value optimized out>) at ../nptl/
64 ../nptl/
in ../nptl/
(gdb) bt full
#0 0x00007f9892571fb5 in *__GI_raise (sig=<value optimized out>) at ../nptl/
pid = <value optimized out>
selftid = <value optimized out>
#1 0x00007f9892573bc3 in *__GI_abort () at abort.c:88
act = {__sigaction_
sa_sigaction = 0x7f98928ab860 <_IO_2_1_stderr_>}, sa_mask = {__val = {140293268012039, 140735788410592, 138,
140735788
140735788
sa_restorer = 0x4084a1 <readdir64@
sigs = {__val = {32, 0 <repeats 15 times>}}
#2 0x00007f989256af09 in *__GI___assert_fail (assertion=0x408527 "plen <= *len", file=0x4084a1 "network.c", line=138,
function=
buf = 0xd724d0 ""
errstr = "Unexpected error.\n"
#3 0x00000000004037d8 in ?? ()
No symbol table info available.
#4 0x0000000000401ed2 in ?? ()
No symbol table info available.
#5 0x00000000004025d2 in ?? ()
No symbol table info available.
#6 0x00007f989255d5a6 in __libc_start_main (main=0x402240 <readdir64@
init=0x407c60 <readdir64@
stack_
result = <value optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {4226144, -63124515207004
prev = 0x0, cleanup = 0x0, canceltype = 5}}}
not_first_call = <value optimized out>
#7 0x0000000000401c39 in ?? ()
No symbol table info available.
#8 0x00007fff9aacf298 in ?? ()
---Type <return> to continue, or q <return> to quit---
No symbol table info available.
#9 0x000000000000001c in ?? ()
No symbol table info available.
#10 0x0000000000000005 in ?? ()
No symbol table info available.
#11 0x00007fff9aad09ec in ?? ()
No symbol table info available.
#12 0x00007fff9aad0a01 in ?? ()
No symbol table info available.
#13 0x00007fff9aad0a04 in ?? ()
No symbol table info available.
#14 0x00007fff9aad0a09 in ?? ()
No symbol table info available.
#15 0x00007fff9aad0a0c in ?? ()
No symbol table info available.
#16 0x0000000000000000 in ?? ()
No symbol table info available.
(gdb)
$ apt-cache policy aircrack-ng
Installed: 1:1.0~rc1-2ubuntu1
jaunty 64bits
affects ubuntu/aircrack-ng
status new
Changed in aircrack-ng (Ubuntu):
assignee: nobody → carloslp (carloslp)
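
The logged `PLEN 1869548810 type 102 len 2048` is consistent with the five bytes telnet sends for "foo" plus Enter being read as a packet header. The following is an added example, not aircrack-ng's code and not part of the original report: it decodes those bytes and shows a length check that returns an error to the caller instead of calling `assert`. The header layout (1-byte type, then a 4-byte big-endian length) is an assumption inferred from the logged values, and `parse_hdr` and `check_len` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed wire header: 1-byte type followed by 4-byte big-endian length. */
#define HDR_SIZE   5
#define RX_BUF_LEN 2048   /* receive buffer size, "len 2048" in the log */

struct hdr { uint8_t type; uint32_t plen; };

/* Decode the assumed header; returns 0 on success, -1 on short input. */
int parse_hdr(const uint8_t *in, size_t n, struct hdr *h)
{
    if (n < HDR_SIZE)
        return -1;
    h->type = in[0];
    h->plen = ((uint32_t)in[1] << 24) | ((uint32_t)in[2] << 16) |
              ((uint32_t)in[3] << 8)  |  (uint32_t)in[4];
    return 0;
}

/*
 * The length comes from the peer, so an oversized value is a protocol
 * error to handle (drop the client), not an invariant to assert on.
 * Returns the payload length, or -1 if it does not fit in the buffer.
 */
long check_len(const struct hdr *h, size_t cap)
{
    if (h->plen > cap)
        return -1;
    return (long)h->plen;
}

int main(void)
{
    /* Constructed input: the bytes telnet sends for "foo" + Enter. */
    const uint8_t foo[] = { 'f', 'o', 'o', '\r', '\n' };
    struct hdr h;

    if (parse_hdr(foo, sizeof foo, &h) != 0)
        return 1;
    printf("type %u plen %u len %d -> %s\n", (unsigned)h.type,
           (unsigned)h.plen, RX_BUF_LEN,
           check_len(&h, RX_BUF_LEN) < 0 ? "reject, close client" : "accept");
    return 0;
}
```

With this kind of check, a malformed header from one client ends that client's session while the server keeps serving others.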