Sign-up

ID

VAR-200611-0289


CVE

CVE-2006-5972


TITLE

NetGear WG111v2 Wireless Driver Long Beacon Buffer Overflow Vulnerability

Trust: 0.9

sources: BID: 21126 // CNNVD: CNNVD-200611-293

DESCRIPTION

Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request. A buffer overflow vulnerability has been reported in the Netgear WG111v2.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions. The WG111v2.SYS driver is primarily used on Windows, but administrators should check Linux and BSD machines using the 'ndiswrapper' tool to determine if they are using a vulnerable instance of the driver. Note also that an attacker can exploit tthis vulnerability only from within the range of broadcast of 802.11 wireless connections. Version 5.1213.6.316 of the WG111v2.SYS driver is vulnerable to this issue; other versions may also be affected. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: NetGear WG111v2 Wireless Driver Beacon Request Buffer Overflow SECUNIA ADVISORY ID: SA22962 VERIFY ADVISORY: http://secunia.com/advisories/22962/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From remote SOFTWARE: NetGear WG111v2 Wireless Driver 1.x http://secunia.com/product/12649/ NetGear WG111v2 Wireless Driver 2.x http://secunia.com/product/12650/ DESCRIPTION: A vulnerability has been reported in NetGear WG111v2 wireless driver, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the WG111v2.SYS driver when handling beacon requests. SOLUTION: Turn off the wireless card when not in use to reduce the risk. PROVIDED AND/OR DISCOVERED BY: H D Moore ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-16-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.79

sources: NVD: CVE-2006-5972 // CERT/CC: VU#445753 // JVNDB: JVNDB-2006-002429 // BID: 21126 // VULHUB: VHN-22080 // PACKETSTORM: 52218

AFFECTED PRODUCTS

vendor:netgearmodel:wg111v2 driverscope:eqversion:5.1213.6.316

Trust: 1.6

vendor:netgearmodel:wg111v2scope:eqversion:*

Trust: 1.0

vendor:netgearmodel: - scope: - version: -

Trust: 0.8

vendor:net gearmodel:wg111v2 driverscope: - version: -

Trust: 0.8

vendor:netgearmodel:wg111v2scope: - version: -

Trust: 0.6

vendor:netgearmodel:wg111v2.sys driverscope:eqversion:5.1213.6.316

Trust: 0.3

vendor:netgearmodel:wg111v2 wireless adapterscope:eqversion:0

Trust: 0.3

sources: CERT/CC: VU#445753 // BID: 21126 // JVNDB: JVNDB-2006-002429 // CNNVD: CNNVD-200611-293 // NVD: CVE-2006-5972

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-5972
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#445753
value: 3.48

Trust: 0.8

NVD: CVE-2006-5972
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200611-293
value: CRITICAL

Trust: 0.6

VULHUB: VHN-22080
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2006-5972
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-22080
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#445753 // VULHUB: VHN-22080 // JVNDB: JVNDB-2006-002429 // CNNVD: CNNVD-200611-293 // NVD: CVE-2006-5972

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-5972

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200611-293

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200611-293

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2006-002429

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-22080

PATCH
title:WG111v2url:http://support.netgear.com/product/WG111v2
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2006-002429

EXTERNAL IDS
db:CERT/CCid:VU#445753
Trust: 3.6
db:SECUNIAid:22962
Trust: 2.6
db:NVDid:CVE-2006-5972
Trust: 2.5
db:BIDid:21126
Trust: 2.0
db:SECTRACKid:1017245
Trust: 1.7
db:VUPENid:ADV-2006-4560
Trust: 1.7
db:JVNDBid:JVNDB-2006-002429
Trust: 0.8
db:CNNVDid:CNNVD-200611-293
Trust: 0.7
db:XFid:30370
Trust: 0.6
db:XFid:111
Trust: 0.6
db:EXPLOIT-DBid:16388
Trust: 0.1
db:SEEBUGid:SSVID-70905
Trust: 0.1
db:PACKETSTORMid:83056
Trust: 0.1
db:VULHUBid:VHN-22080
Trust: 0.1
db:PACKETSTORMid:52218
Trust: 0.1
sources:
            
            
            CERT/CC: VU#445753 // 
            
            
            
            VULHUB: VHN-22080 // 
            
            
            
            BID: 21126 // 
            
            
            
            JVNDB: JVNDB-2006-002429 // 
            
            
            
            PACKETSTORM: 52218 // 
            
            
            
            CNNVD: CNNVD-200611-293 // 
            
            
            
            NVD: CVE-2006-5972

REFERENCES
url:http://www.kb.cert.org/vuls/id/445753
Trust: 2.8
url:http://projects.info-pull.com/mokb/mokb-16-11-2006.html
Trust: 2.6
url:http://www.securityfocus.com/bid/21126
Trust: 1.7
url:http://securitytracker.com/id?1017245
Trust: 1.7
url:http://secunia.com/advisories/22962
Trust: 1.7
url:http://www.vupen.com/english/advisories/2006/4560
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/30370
Trust: 1.1
url:http://secunia.com/advisories/22962/
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5972
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5972
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2006/4560
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/30370
Trust: 0.6
url:http://uninformed.org/index.cgi?v=6&a=2
Trust: 0.3
url:http://kbserver.netgear.com/products/wg111v2.asp
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/product/12650/
Trust: 0.1
url:http://corporate.secunia.com/products/48/?r=l
Trust: 0.1
url:http://secunia.com/product/12649/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://corporate.secunia.com/how_to_buy/15/?r=l
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CERT/CC: VU#445753 // 
            
            
            
            VULHUB: VHN-22080 // 
            
            
            
            BID: 21126 // 
            
            
            
            JVNDB: JVNDB-2006-002429 // 
            
            
            
            PACKETSTORM: 52218 // 
            
            
            
            CNNVD: CNNVD-200611-293 // 
            
            
            
            NVD: CVE-2006-5972

CREDITS
H D Moore
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200611-293

SOURCES
db:CERT/CCid:VU#445753
db:VULHUBid:VHN-22080
db:BIDid:21126
db:JVNDBid:JVNDB-2006-002429
db:PACKETSTORMid:52218
db:CNNVDid:CNNVD-200611-293
db:NVDid:CVE-2006-5972

LAST UPDATE DATE
2024-08-14T15:31:00.208000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#445753date:2006-11-17T00:00:00
db:VULHUBid:VHN-22080date:2017-07-20T00:00:00
db:BIDid:21126date:2007-01-15T23:30:00
db:JVNDBid:JVNDB-2006-002429date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200611-293date:2006-11-20T00:00:00
db:NVDid:CVE-2006-5972date:2017-07-20T01:34:07.260

SOURCES RELEASE DATE
db:CERT/CCid:VU#445753date:2006-11-17T00:00:00
db:VULHUBid:VHN-22080date:2006-11-18T00:00:00
db:BIDid:21126date:2006-11-16T00:00:00
db:JVNDBid:JVNDB-2006-002429date:2012-09-25T00:00:00
db:PACKETSTORMid:52218date:2006-11-17T23:30:18
db:CNNVDid:CNNVD-200611-293date:2006-11-17T00:00:00
db:NVDid:CVE-2006-5972date:2006-11-18T01:07:00