 |
|
|
Family: Windows --> Category: infos
Broadcom BCMWL5.SYS Wireless Driver Probe Response SSID Overflow Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks version of Broadcom wireless driver
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Windows host has a wireless device driver that is prone to
a buffer overflow attack.
Description :
The Windows remote host contains a Broadcom wireless device driver.
The installed version of this driver on the remote host includes the
file 'bcmwl5.sys' that is reportedly affected by a stack-based
overflow vulnerability. A possible hacker within wireless range of the
affected host may be able to leverage this issue using a 802.11 probe
response with a long SSID field to execute arbitrary kernel-mode code
on the affected host.
See also :
http://projects.info-pull.com/mokb/MOKB-11-11-2006.html
http://isotf.org/advisories/zert-01-111106.htm
http://isc.incidents.org/diary.php?storyid=1845
Solution :
Contact the device's manufacturer for an update.
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
|
|
|
|
