tag:blogger.com,1999:blog-3500917063499850097.post6400434697002483484..comments2023-04-17T15:20:23.244+02:00Comments on Mathy Vanhoef: Unmasking a Spoofed MAC Address (CVE-2013-4579)Mathyhttp://www.blogger.com/profile/12266874794108836514noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-3500917063499850097.post-7737337888919952012013-11-26T22:06:18.639+01:002013-11-26T22:06:18.639+01:00This comment has been removed by the author.Mathyhttps://www.blogger.com/profile/12266874794108836514noreply@blogger.comtag:blogger.com,1999:blog-3500917063499850097.post-81201452676154962702013-11-26T16:22:45.091+01:002013-11-26T16:22:45.091+01:00Perhaps linux-wireless@vger.kernel.org would be a ...Perhaps linux-wireless@vger.kernel.org would be a better place to post the patch?John W. Linvillehttps://www.blogger.com/profile/06733985097169878581noreply@blogger.comtag:blogger.com,1999:blog-3500917063499850097.post-19104425256856320422013-11-21T19:29:41.731+01:002013-11-21T19:29:41.731+01:00Are you planning on sending your patch to the ath9...Are you planning on sending your patch to the ath9k-devel list?Joshhttps://www.blogger.com/profile/17206277305500178973noreply@blogger.comtag:blogger.com,1999:blog-3500917063499850097.post-41701060732213185262013-11-14T00:04:08.450+01:002013-11-14T00:04:08.450+01:00Thanks for the test Mazeppa. I looked at the code ...Thanks for the test Mazeppa. I looked at the code of ath9k and this appears to confirm that ath9k is not vulnerable. In the ath9k code the MAC address of one of the virtual interfaces is copied to the "mainmac" register. So when spoofing an address "mainmac" is updated correctly.Mathyhttps://www.blogger.com/profile/12266874794108836514noreply@blogger.comtag:blogger.com,1999:blog-3500917063499850097.post-22752220755800824152013-11-13T04:56:13.287+01:002013-11-13T04:56:13.287+01:00The ath9k driver does not appear to be affected by...The ath9k driver does not appear to be affected by this exploit. I ran some tests using the scapy program provided and it (incorrectly) determined that the spoofed MAC address was my real address multiple times<br /><br />-MazeppaAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-3500917063499850097.post-10247655893755840282013-11-11T23:02:24.315+01:002013-11-11T23:02:24.315+01:00Yes. Spoofing a MAC means manually changing it.Yes. Spoofing a MAC means manually changing it.Mathyhttps://www.blogger.com/profile/12266874794108836514noreply@blogger.comtag:blogger.com,1999:blog-3500917063499850097.post-80697100802637171782013-11-11T21:24:13.454+01:002013-11-11T21:24:13.454+01:00Does this apply if the user manually changes the M...Does this apply if the user manually changes the MAC address? Thanks for your time in answering.Anonymousnoreply@blogger.com