Article

Wireless device flaw discovered

SearchSecurity.com Staff
A Broadcom wireless device driver is vulnerable to a stack-based buffer overflow that could lead to attacks on computers from a distance, according to an advisory issued Saturday by the Month of Kernel Bugs.

The device driver,

    Requires Free Membership to View

a Broadcom BCMWL5.SYS is bundled with a number of new PCs including HP, Dell, Gateway and eMachines. The Broadcom wireless device driver is vulnerable to a stack-based buffer overflow that can lead to arbitrary kernel-mode code execution, according to the advisory.

"This particular vulnerability is caused by improper handling of 802.11 probe responses containing a long SSID field," the MKB said in its advisory.

Broadcom released a fixed driver to their partners, which provides updates for the affected products. Linksys, Zonet, and other wireless card manufactures also provide devices that ship with this driver, MKB said.

The volunteer group, Zero-day Threat Response Team (ZERT), labeled the vulnerability as "critical." computers located a short distance away from laptops are at risk as well as computers located in public spaces with an enabled wireless card in use, ZERT said.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: