PT-2006-6549 · Broadcom+1 · Broadcom Bcmwl5.Sys+1

Johnny Cache

·

Publicado

2006-11-14

·

Atualizado

2017-07-20

·

CVE-2006-5882

CVSS v2.0

8.3

Alta

VetorAV:A/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Broadcom BCMWL5.SYS wireless device driver version 3.50.21.10 Cisco Linksys WPC300N Wireless-N Notebook Adapter versions prior to 4.100.15.5
Description The issue is a stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver. It allows remote attackers to execute arbitrary code via an 802.11 response frame containing a long SSID field.
Recommendations For Broadcom BCMWL5.SYS wireless device driver version 3.50.21.10, update to a newer version to mitigate the risk. For Cisco Linksys WPC300N Wireless-N Notebook Adapter versions prior to 4.100.15.5, update to version 4.100.15.5 or later.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2006-5882

Produtos afetados

Broadcom Bcmwl5.Sys
Linksys Wpc300N Wireless-N Notebook Adapter