Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Security Wireless Networking

Code Execution Bug In Broadcom Wi-Fi Driver 157

Posted by Zonk from the catch-that-insect dept.
2U*U2 writes to mention an EWeek article about an entry in the Month of Kernel Bugs. John Ellch has discovered a critical vulnerability in the Broadcom wireless driver: a driver used in machines from HP, Dell, Gateway, and eMachines. From the article: "[The bug] is a stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver that could be exploited by attackers to take complete control of a Wi-Fi-enabled laptop. The vulnerability is caused by improper handling of 802.11 probe responses containing a long SSID field and can lead to arbitrary kernel-mode code execution. The volunteer ZERT (Zero Day Emergency Response Team) warns that the flaw could be exploited wirelessly if a vulnerable machine is within range of the attacker."
This discussion has been archived. No new comments can be posted.

Code Execution Bug In Broadcom Wi-Fi Driver More

Code Execution Bug In Broadcom Wi-Fi Driver

Comments Filter:

  • Thanks (Score:5, Funny)

    by SnowZero ( 92219 ) on Sunday November 12, 2006 @07:19AM (#16812652)
    Thanks for mentioning the affected operating system(s). Oh wait, you didn't...
    Here, I'll help:
    Code Execution Bug in Broadcom Wi-Fi Windows Driver

  • Well crap. (Score:5, Funny)

    by Merc248 ( 1026032 ) on Sunday November 12, 2006 @07:23AM (#16812666) Homepage

    Checklist for today:

    1. Eat
    2. Rant on Slashdot
    3. Change SSID from "omgomgomgomgomgomgomg" to "omgomgomg"
    4. Sleep

  • Johnny Cache (Score:1, Funny)

    by davro ( 539320 ) on Sunday November 12, 2006 @07:31AM (#16812694) Homepage
    Quote
    "Microsoft's Windows operating system is exploitable without the existence of an access point or any interaction from the user.
    The card's background scan of available wireless networks triggers the flaw," the group said.
    eWEEK.com Special Report: Mac Security"

    The bug was first discovered by wireless security guru Jon "Johnny Cache" Ellch, the researcher who was embroiled in a controversy with Apple over similar bugs in the Wi-Fi driver that ships with the Mac OS X.


    Checklist for today:

    1. Eat
    2. Rant on Slashdot
    3. Change SSID from "omgomgomg" to "omgomgomgomgomgomgomg"
    4. Wait for the muppets to connect.
    5. Profit !

  • Re:But which OS!? (Score:2, Funny)

    by Anonymous Coward on Sunday November 12, 2006 @07:39AM (#16812734)
    I read the summary just a few seconds after it was posted, and you can imagine the effect it had on me to read this on a laptop using EXACTLY that card, in a wave phyiscs lecture...

    Please never scare me again like this, for a moment i thought Windows was more secure than Linux...

  • "BCMWL5.SYS" (Score:5, Funny)

    by The Creator ( 4611 ) on Sunday November 12, 2006 @08:27AM (#16812928) Homepage Journal
    This is slashdot, you are supposed to guess the OS from the filename of the device driver.

Slashdot Top Deals

New York... when civilization falls apart, remember, we were way ahead of you. - David Letterman

Close