There has been an issue using the iwl4965 card for fake authentication since the pre final stages of BT4, and this problem persists in BT4 final. The card/driver supports injection no problem, but in order to fake authenticate, one must use a workaround. The problem/workaround is detailed here:
4965 agn - Remote Exploit Forums
The short version is that the standard fake authentication using aireplay-ng does not work. In order to effectively fake authenticate, one must use wpa_supplicant as follows:
where fake.conf refers to a text file containing:
wpa_supplicant -c fake.conf -i wlan0 -Dwext -B
This method of fake authentication will work, and then injection will work after this, however this is a bit annoying. It is especially annoying when trying to use GUI WEP/WPA crackers such as gerix or grimwepa, which attempt to do the fake authentication for you. It fails every time, preventing the use of these tools.
I realize there are relatively few people using this particular NIC, but it would be greatly appreciated if one of the dev's could look into this. If you need any additional information, I will be more than willing to provide it. Thank you.