D-Link DWL-G650 TIM Information Element Wireless Driver Beacon Buffer Overflow Vulnerability
TITLE: D-Link DWL-G650 TIM Information Element Wireless Driver Beacon Buffer Overflow Vulnerability
CLASS: Boundary Condition Error
CVE: CVE-2007-0933
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 12 2007 12:00AM
UPDATE: Jun 13 2007 04:39AM
CREDIT: Laurent Butti discovered this vulnerability.
VULNERABLE:
D-Link DWL-G650 6.0 18 (Rev. A1)NOT VULNERABLE:
Vai alla pagina originale su Security Focus
Discussion
The D-Link Wireless Device Driver for DWL-G650 devices is prone to a buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting this issue potentially allows attackers to execute arbitrary machine code in the context of the kernel hosting the vulnerable driver. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions.
D-Link DWL-G650 6.0.0.18 (Rev. A1) is reported vulnerable; other versions may also be affected.
Exploit
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.
Solution
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.
References
References:
- D-Link DWL-G650 Product Page (D-Link)
- Wi-Fi Advanced Fuzzing (Laurnet Butti)