Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mokb: New Broadcom Wi-fi Exploit Released


  • Please log in to reply
No replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:07:06 PM

Posted 14 November 2006 - 02:45 PM

The Windows version of this driver is vulnerable with a POC exploit developed as part of the MOKB project. The MOKB crew are also noting that other operating systems could be impacted also.

Everyone using wireless technology should take a close look at this new potential exposure, as the Broadcom based software may be used by other OEMs, besides Linksys


MOKB: New Broadcom Wi-Fi Exploit released
http://blogs.zdnet.com/Ou/?p=365
http://www.incidents.org/diary.php?storyid=1845
http://sunbeltblog.blogspot.com/2006/11/wifi-exploit.html

This is a serious exploit, mitigated only by the fact that someone has to get into wireless range of your PC in order to attack your system (100 to 200 feet, more with a high-powered antenna). However, this does not mean that it should be taken lightly. Follow the instructions below to patch the driver. Linksys has an update to the driver, which is believed to work with any system using the Broadcom device driver (as most of you know, itís common in the hardware world for one company to sell software or hardware to multiple different companies). So if youíre running the Broadcom driver, update it as soon as possible.


MOKB-11-11-2006: Broadcom Wireless Driver Probe Response SSID Overflow
http://kernelfun.blogspot.com/2006/11/mokb...m-wireless.html
http://projects.info-pull.com/mokb/MOKB-11-11-2006.html

The "Month of Kernel Bug" project released an advisory with details about a bug in Broadcoms Windows driver for its Wireless card. The high/low points:
* Only effects the wireless driver, not the broadcom wired cards.
& The resepective file is BCMWL5.SYS Version 3.50.21.10 (this is the version pointed out as vulnerable. Others may be vulnerable as well).
* Only Linksys published an official update at this time.
* Other vendors have later versions of this file available as patches. It is not clear if they patch the problem or not.
* The problem is triggered by an overly long SSID
* The MOKB project published a metasploit module to ease exploitation of this problem.



BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users