PT-2009-6650 · Ralink Technology · Rt2570 and 4 other products
Aviv · Published 1970-01-01 · Updated 2018-10-30 · CVE-2009-0282
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
rt2400 versions 1.2.2 beta3 and earlier
rt2500-source (affected versions not specified)
rt2570-source (affected versions not specified)
Ralink Technology USB wireless adapter (RT73) version 3.08
Description
This entry covers multiple vulnerabilities in wireless adapter drivers, including rt2400, rt2500, rt2570, and rt61, that can compromise the confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. An integer overflow in the Ralink Technology USB wireless adapter (RT73) driver allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Probe Request packet with a long SSID.
Recommendations
For rt2400 versions 1.2.2 beta3 and earlier, update to a version later than 1.2.2 beta3.
For rt2500-source, restrict access to vulnerable modules to minimize the risk of exploitation until a patch is available.
For rt2570-source, avoid using vulnerable parameters in affected API endpoints until the issue is resolved.
For Ralink Technology USB wireless adapter (RT73) version 3.08, consider disabling the vulnerable function until a patch is available.
At the moment, there is no information about a newer version that contains a fix for rt2500-source and rt2570-source.
Affected Products
Rt73
Rt2400
Rt2500
Rt2570
Rt61