Atheros Wireless Drivers Denial of Service Vulnerability
BID:25160
Info
Atheros Wireless Drivers Denial of Service Vulnerability
| Bugtraq ID: | 25160 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-2927 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 01 2007 12:00AM |
| Updated: | Aug 02 2007 08:55PM |
| Credit: | Jeremy Kelley and Nicholas Krasny of IBM Managed Security Services reported this issue. |
| Vulnerable: |
Atheros Communications Wireless Driver 802.11 a/b/g 0 |
| Not Vulnerable: | |
Discussion
Atheros Wireless Drivers Denial of Service Vulnerability
Atheros wireless drivers are prone to a denial-of-service vulnerability because they fail to properly handle malformed wireless frames.
Remote attackers may exploit this issue to cause denial-of-service conditions.
Atheros drivers are also used by OEM (Original Equipment Manufacturer) wireless adapters. Therefore, various brands of wireless adapters using the Atheros chipset are affected by this vulnerability.
This issue is reported to affect drivers for the Windows operating system. Note that Linux, UNIX, and BSD computers may be vulnerable if using the NDISWrapper or similar technology to load an affected driver.
Atheros wireless drivers are prone to a denial-of-service vulnerability because they fail to properly handle malformed wireless frames.
Remote attackers may exploit this issue to cause denial-of-service conditions.
Atheros drivers are also used by OEM (Original Equipment Manufacturer) wireless adapters. Therefore, various brands of wireless adapters using the Atheros chipset are affected by this vulnerability.
This issue is reported to affect drivers for the Windows operating system. Note that Linux, UNIX, and BSD computers may be vulnerable if using the NDISWrapper or similar technology to load an affected driver.
Exploit / POC
Atheros Wireless Drivers Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Atheros Wireless Drivers Denial of Service Vulnerability
Solution:
The vendor released fixes to address this issue. Please contact the vendor for information on obtaining and applying fixes.
Solution:
The vendor released fixes to address this issue. Please contact the vendor for information on obtaining and applying fixes.
References
Atheros Wireless Drivers Denial of Service Vulnerability
References:
References:
- Atheros Communications Homepage (Atheros Communications)
- Vulnerability Note VU#730169 (US-CERT)