Details of VAR-200608-0200

ID

VAR-200608-0200

CVE

CVE-2006-3992

TITLE

Intel Centrino wireless network drivers fail to properly handle malformed frames

Trust: 0.8

sources: CERT/CC: VU#230208

DESCRIPTION

Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, and (4) w29n51.sys Microsoft Windows drivers for Intel 2200BG and 2915ABG PRO/Wireless Network Connection before 10.5 with driver 9.0.4.16 allows remote attackers to execute arbitrary code via certain frames that trigger memory corruption. Microsoft Windows drivers for Intel Centrino wireless adapters fail to properly handle malformed frames. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. An attacker within range of a vulnerable Wi-Fi station can trigger these issues to corrupt memory to execute code with kernel-level privileges. A successful attack can result in a complete compromise of the affected computer. Intel PRO/Wireless 2200BG and 2915ABG versions prior to 10.5 with driver version 9.0.4.16 for Windows are vulnerable

Trust: 1.98

sources: NVD: CVE-2006-3992 // CERT/CC: VU#230208 // BID: 19298 // VULHUB: VHN-20100

AFFECTED PRODUCTS

vendor:	intel	model:	2200bg proset wireless	scope:	eq	version:	10	Trust: 1.6
vendor:	intel	model:	2915abg proset wireless	scope:	eq	version:	9	Trust: 1.6
vendor:	intel	model:	2200bg proset wireless	scope:	eq	version:	8	Trust: 1.6
vendor:	intel	model:	2915abg proset wireless	scope:	eq	version:	10	Trust: 1.6
vendor:	intel	model:	2200bg proset wireless	scope:	eq	version:	9	Trust: 1.6
vendor:	intel	model:	2915abg proset wireless	scope:	eq	version:	8	Trust: 1.6
vendor:	dell computer	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	intel	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel centrino	scope:	eq	version:	2200bg	Trust: 0.8
vendor:	インテル	model:	intel centrino	scope:	eq	version:	2915abg pro	Trust: 0.8
vendor:	ソニー株式会社	model:	vaio	scope:	-	version:	-	Trust: 0.8
vendor:	日立	model:	flora	scope:	-	version:	-	Trust: 0.8
vendor:	富士通	model:	celsiusワークステーション	scope:	-	version:	-	Trust: 0.8
vendor:	富士通	model:	fmv-lifebook	scope:	-	version:	-	Trust: 0.8
vendor:	intel	model:	pro/wireless 2915abg	scope:	eq	version:	9	Trust: 0.3
vendor:	intel	model:	pro/wireless 2915abg	scope:	eq	version:	10	Trust: 0.3
vendor:	intel	model:	pro/wireless 2200bg	scope:	eq	version:	9	Trust: 0.3
vendor:	intel	model:	pro/wireless 2200bg	scope:	eq	version:	8	Trust: 0.3
vendor:	intel	model:	pro/wireless 2200bg	scope:	eq	version:	10	Trust: 0.3
vendor:	intel	model:	pro/wireless 2915abg driver	scope:	ne	version:	10.59.0.4.16	Trust: 0.3
vendor:	intel	model:	pro/wireless 2200bg driver	scope:	ne	version:	10.59.0.4.16	Trust: 0.3

sources: CERT/CC: VU#230208 // BID: 19298 // JVNDB: JVNDB-2006-000929 // CNNVD: CNNVD-200608-069 // NVD: CVE-2006-3992

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-3992
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#230208
value:	12.72
Trust: 0.8
NVD:	CVE-2006-3992
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200608-069
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-20100
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2006-3992
severity:	MEDIUM
baseScore:	5.1
vectorString:	AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-20100
severity:	MEDIUM
baseScore:	5.1
vectorString:	AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#230208 // VULHUB: VHN-20100 // JVNDB: JVNDB-2006-000929 // CNNVD: CNNVD-200608-069 // NVD: CVE-2006-3992

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-3992

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200608-069

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 19298 // CNNVD: CNNVD-200608-069

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-000929

PATCH

title:	Top Page	url:	http://www.intel.com/	Trust: 0.8
title:	Intel Wireless LAN デバイスをご使用のお客様へセキュリティ脆弱性についてのお知らせ	url:	http://vcl.vaio.sony.co.jp/notices/security/info222.html	Trust: 0.8
title:	【重要】Intel社製無線LANドライバの脆弱性に関するお知らせ	url:	http://www.hitachi.co.jp/Prod/comp/OSD/pc/flora/information/info0608111.html	Trust: 0.8
title:	[緊急] Intel社製無線（ワイヤレス）LANドライバの脆弱性に関するお知らせ	url:	http://www.fmworld.net/biz/common/intel/wlan.html	Trust: 0.8

sources: JVNDB: JVNDB-2006-000929

EXTERNAL IDS

db:	CERT/CC	id:	VU#230208	Trust: 3.3
db:	BID	id:	19298	Trust: 2.8
db:	NVD	id:	CVE-2006-3992	Trust: 2.8
db:	SECTRACK	id:	1016621	Trust: 2.5
db:	VUPEN	id:	ADV-2006-3100	Trust: 1.7
db:	JVNDB	id:	JVNDB-2006-000929	Trust: 0.8
db:	CNNVD	id:	CNNVD-200608-069	Trust: 0.7
db:	VULHUB	id:	VHN-20100	Trust: 0.1

sources: CERT/CC: VU#230208 // VULHUB: VHN-20100 // BID: 19298 // JVNDB: JVNDB-2006-000929 // CNNVD: CNNVD-200608-069 // NVD: CVE-2006-3992

REFERENCES

url:	http://www.securityfocus.com/bid/19298	Trust: 2.5
url:	http://www.kb.cert.org/vuls/id/230208	Trust: 2.5
url:	http://securitytracker.com/id?1016621	Trust: 2.5
url:	http://support.intel.com/support/wireless/wlan/sb/cs-023065.htm	Trust: 2.0
url:	http://www.frsirt.com/english/advisories/2006/3100	Trust: 1.4
url:	http://www.vupen.com/english/advisories/2006/3100	Trust: 1.1
url:	http://security-center.intel.com/advisory.aspx?intelid=intel-sa-00001&languageid=en-fr	Trust: 0.8
url:	http://support.intel.com/support/wireless/wlan/sb/cs-005905.htm	Trust: 0.8
url:	http://support.intel.com/support/wireless/wlan/sb/cs-010623.htm	Trust: 0.8
url:	http://downloadmirror.intel.com/df-support/11141/eng/relnotes.htm	Trust: 0.8
url:	http://www.f-secure.com/weblog/archives/archive-082006.html#00000940	Trust: 0.8
url:	http://www.f-secure.com/weblog/archives/archive-082006.html#00000938	Trust: 0.8
url:	ftp://download.intel.com/support/wireless/wlan/sb/3945abgug.pdf	Trust: 0.8
url:	http://support.intel.com/support/wireless/wlan/pro2200bg/	Trust: 0.8
url:	ftp://download.intel.com/support/wireless/wlan/pro2200bg/2200bgug.pdf	Trust: 0.8
url:	http://www.ciac.org/ciac/bulletins/q-268.shtml	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-3992	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu230208/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3992	Trust: 0.8
url:	http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm	Trust: 0.3

sources: CERT/CC: VU#230208 // VULHUB: VHN-20100 // BID: 19298 // JVNDB: JVNDB-2006-000929 // CNNVD: CNNVD-200608-069 // NVD: CVE-2006-3992

CREDITS

Intelhttp://www.intel.com/

Trust: 0.6

sources: CNNVD: CNNVD-200608-069

SOURCES

db:	CERT/CC	id:	VU#230208
db:	VULHUB	id:	VHN-20100
db:	BID	id:	19298
db:	JVNDB	id:	JVNDB-2006-000929
db:	CNNVD	id:	CNNVD-200608-069
db:	NVD	id:	CVE-2006-3992

LAST UPDATE DATE

2024-08-14T14:00:14.234000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#230208	date:	2007-05-31T00:00:00
db:	VULHUB	id:	VHN-20100	date:	2011-03-08T00:00:00
db:	BID	id:	19298	date:	2006-08-08T05:36:00
db:	JVNDB	id:	JVNDB-2006-000929	date:	2008-11-21T00:00:00
db:	CNNVD	id:	CNNVD-200608-069	date:	2006-08-08T00:00:00
db:	NVD	id:	CVE-2006-3992	date:	2011-03-08T02:39:59.750

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#230208	date:	2006-08-07T00:00:00
db:	VULHUB	id:	VHN-20100	date:	2006-08-05T00:00:00
db:	BID	id:	19298	date:	2006-08-02T00:00:00
db:	JVNDB	id:	JVNDB-2006-000929	date:	2008-11-21T00:00:00
db:	CNNVD	id:	CNNVD-200608-069	date:	2006-08-04T00:00:00
db:	NVD	id:	CVE-2006-3992	date:	2006-08-05T00:04:00