D-Link DWL-G132 ASAGU.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
BID:21032
Info
D-Link DWL-G132 ASAGU.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
| Bugtraq ID: | 21032 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2006-6055 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 13 2006 12:00AM |
| Updated: | Jul 06 2016 01:33PM |
| Credit: | H D Moore <[email protected]> is credited with the discovery of this vulnerability. Assistance was provided by Matt Miller <[email protected]>, Johnny Cache <[email protected]>, and LMH <[email protected]>. |
| Vulnerable: |
D-Link DWL-G132 0 D-Link ASAGU.SYS 1.0.1 .41 |
| Not Vulnerable: | |
Discussion
D-Link DWL-G132 ASAGU.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
The D-Link Wireless Device Driver for DWL-G132 devices is prone to a stack-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of the kernel hosting the vulnerable driver. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions.
The ASAGU.SYS driver is primarily used on the Microsoft Window operating system. Note, however, that Linux and BSD machines using the 'ndiswrapper' tool should determine if they are using a vulnerable instance of the driver.
Note also that this vulnerability can be exploited only when an attacker is within the range of broadcast of 802.11 wireless connections.
Version 1.0.1.41 of the ASAGU.SYS driver is reported vulnerable; other versions may also be affected.
The D-Link Wireless Device Driver for DWL-G132 devices is prone to a stack-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of the kernel hosting the vulnerable driver. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions.
The ASAGU.SYS driver is primarily used on the Microsoft Window operating system. Note, however, that Linux and BSD machines using the 'ndiswrapper' tool should determine if they are using a vulnerable instance of the driver.
Note also that this vulnerability can be exploited only when an attacker is within the range of broadcast of 802.11 wireless connections.
Version 1.0.1.41 of the ASAGU.SYS driver is reported vulnerable; other versions may also be affected.
Exploit / POC
D-Link DWL-G132 ASAGU.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
The following Metasploit exploit is available:
The following Metasploit exploit is available:
Solution / Fix
D-Link DWL-G132 ASAGU.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
D-Link DWL-G132 ASAGU.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
References:
References:
- DWL-G132 Product Page (D-Link)
- Exploiting 802.11 Wireless Driver Vulnerabilities on Windows (Uninformed)
- MOKB-13-11-2006 (MoKB)