Date: Fri, 03 Oct 2014 21:21:11 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-wireless@FreeBSD.org Subject: [Bug 194122] New: add a security caution to wpa_supplicant.conf.5 Message-ID: <bug-194122-21060@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194122 Bug ID: 194122 Summary: add a security caution to wpa_supplicant.conf.5 Product: Base System Version: 11.0-CURRENT Hardware: Any OS: Any Status: Needs Triage Severity: Affects Many People Priority: --- Component: wireless Assignee: freebsd-wireless@FreeBSD.org Reporter: jhs@berklix.com Created attachment 147946 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=147946&action=edit patch for wpa_supplicant.conf.5 + Security Caution, If you assert scan_ssid=1 (Instead of default scan_ssid=0): + .in +2 + Instead of just sending a broadcast Probe Request frame, + FreeBSD would also send directed Probe Request frames with specific names. + Those network names would be observable to hostile 3rd parties, + & could be abused as per + http://www.bbc.com/news/technology-28891937 + http://lists.freebsd.org/pipermail/freebsd-wireless/2014-October/005097.html + .in -2 -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-194122-21060>