Showing posts with label wireless. Show all posts
Showing posts with label wireless. Show all posts

Thursday, November 30, 2006

MOKB-30-11-2006: Apple Airport Extreme Beacon Frame Denial of Service

Apple Airport Extreme driver fails to handle certain beacon frames, leading to an out of bounds memory access, resulting in a so-called kernel panic. Ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r security implications may exist, although this hasn't been verified and no details can be provided until furcá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r research is done. This issue is being coordinated with Apple, and under common agreement it's been decided to keep cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 details private until a fix has been made available to end-users.

Wednesday, November 22, 2006

MOKB-22-11-2006: NetGear WG311v1 Wireless Driver Long SSID Overflow

The NetGear WG311v1 wireless adapter (PCI) ships with a version of WG311ND5.SYS that is vulnerable to a heap-based buffer overflow condition. This issue may lead to arbitrary kernel-mode code execution.

Saturday, November 18, 2006

MOKB-18-11-2006: NetGear MA521 Wireless Driver Long Rates Overflow

The NetGear MA521 wireless adapter (PCMCIA) ships with a version of MA521nd5.SYS that is vulnerable to a memory corruption condition. This issue may lead to arbitrary kernel-mode code execution.

Thursday, November 16, 2006

MOKB-16-11-2006: NetGear WG111v2 Wireless Driver Long Beacon Overflow

The NetGear WG111v2 wireless adapter (USB) ships with a version of WG111v2.SYS that is vulnerable to a stack-based buffer overflow. This overflow can lead to arbitrary kernel-mode code execution. The overflow occurs when a 802.11 beacon request is received that contains over 1100 bytes of information elements.

Monday, November 13, 2006

MOKB-13-11-2006: D-Link DWL-G132 Wireless Driver Beacon Rates Overflow

The D-Link DWL-G132 wireless adapter (USB) ships with a version of A5AGU.SYS that is vulnerable to a stack-based buffer overflow. This overflow can lead to arbitrary kernel-mode code execution. The overflow occurs when a 802.11 beacon request is received that contains over 36 bytes in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Rates information element (IE).

Saturday, November 11, 2006

MOKB-11-11-2006: Broadcom Wireless Driver Probe Response SSID Overflow

The Broadcom BCMWL5.SYS wireless device driver is vulnerable to a stack-based buffer overflow that can lead to arbitrary kernel-mode code execution. This particular vulnerability is caused by improper handling of 802.11 probe responses containing a long SSID field. The BCMWL5.SYS driver is bundled with new PCs from HP, Dell, Gateway, eMachines, and ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r computer manufacturers.

Wednesday, November 01, 2006

MoKB starts: MOKB-01-11-2006 - Apple Airport 802.11 Probe Response Kernel Memory Corruption

The Month of Kernel Bugs has started. The first bug is a memory corruption vulnerability found and contributed by fellow H D Moore.

The Apple Airport driver provided with Orinoco-based Airport cards (1999-2003 PowerBooks, iMacs) is vulnerable to a remote memory corruption flaw. When cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 driver is placed into active scanning mode, a malformed probe response frame can be used to corrupt internal kernel structures, leading to arbitrary code execution.

With all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hype and buzz about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 now infamous Apple wireless device driver bugs (brought to attention at Black Hat, by Johnny Cache and David Maynor, covered up and FUD'ed by ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rs), hopefully this will bring some light (better said, proof) about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 existence of such flaws in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Airport device drivers.

The vulnerability details and proof of concept code can be found in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 MOKB-01-11-2006 page.

Trick or treat? Happy Halloween.