Monday, November 13, 2006
MOKB-13-11-2006: D-Link DWL-G132 Wireless Driver Beacon Rates Overflow
The D-Link DWL-G132 wireless adapter (USB) ships with a version of A5AGU.SYS that is vulnerable to a stack-based buffer overflow. This overflow can lead to arbitrary kernel-mode code execution. The overflow occurs when a 802.11 beacon request is received that contains over 36 bytes in the Rates information element (IE).
- More details
- Proof of concept: dlink_wifi_rates.rb (Metasploit)