Alarm Raised for Critical Broadcom WiFi Driver Flaw

Computer security analysts are raising the alarm for a critical vulnerability in the Broadcom wireless driver embedded in PCs from HP, Dell, Gateway and eMachines. The vulnerability, which exposed as part of the MoKB (Month of Kernel Bugs) project, is a stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver that could be exploited by attackers to take complete control of a Wi-Fi-enabled laptop.

The vulnerability is caused by improper handling of 802.11 probe responses containing a long SSID field and can lead to arbitrary kernel-mode code execution. Alarm Raised for Critical Broadcom Wi-Fi Driver Flaw

Linked by shanmuga Monday, 13th November 2006 6:40AM