Details of VAR-200611-0508

ID

VAR-200611-0508

CVE

CVE-2006-6055

TITLE

D-Link DWL-G132 Wireless adapter A5AGU.SYS Vulnerable to stack-based buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2006-001595

DESCRIPTION

Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE). D-LINK DWL-G132 is a high performance 802.11g wireless network card. D-Link DWL-G132 wireless network card A5AGU.SYS driver has a stack overflow vulnerability. A remote attacker may use this vulnerability to execute arbitrary instructions on the user's machine. Because the overflow is triggered by a beacon frame, all network cards in the attack range are affected. The D-Link Wireless Device Driver for DWL-G132 devices is prone to a stack-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. Exploiting this issue allows attackers to execute arbitrary machine code in the context of the kernel hosting the vulnerable driver. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions. The ASAGU.SYS driver is primarily used on the Microsoft Window operating system. Note, however, that Linux and BSD machines using the 'ndiswrapper' tool should determine if they are using a vulnerable instance of the driver. Note also that this vulnerability can be exploited only when an attacker is within the range of broadcast of 802.11 wireless connections. Version 1.0.1.41 of the ASAGU.SYS driver is reported vulnerable; other versions may also be affected. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: D-Link DWL-G132 Wireless Driver Beacon Rates Buffer Overflow SECUNIA ADVISORY ID: SA22860 VERIFY ADVISORY: http://secunia.com/advisories/22860/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From remote SOFTWARE: D-Link Wireless USB Network Adapter Driver 1.x http://secunia.com/product/12585/ DESCRIPTION: H D Moore has reported a vulnerability in D-Link DWL-G132 Wireless driver, which can be exploited by malicious people to compromise a vulnerable system. This can be exploited to cause a stack-based buffer overflow via a specially crafted packet. PROVIDED AND/OR DISCOVERED BY: H D Moore ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-13-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.7

sources: NVD: CVE-2006-6055 // JVNDB: JVNDB-2006-001595 // CNVD: CNVD-2006-8432 // BID: 21032 // VULHUB: VHN-22163 // VULMON: CVE-2006-6055 // PACKETSTORM: 52061

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2006-8432

AFFECTED PRODUCTS

vendor:	d link	model:	dwl-g132	scope:	-	version:	-	Trust: 1.4
vendor:	d link	model:	dwl-g132	scope:	eq	version:	*	Trust: 1.0
vendor:	none	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	d link	model:	dwl-g132	scope:	eq	version:	0	Trust: 0.3
vendor:	d link	model:	asagu.sys	scope:	eq	version:	1.0.1.41	Trust: 0.3

sources: CNVD: CNVD-2006-8432 // BID: 21032 // JVNDB: JVNDB-2006-001595 // CNNVD: CNNVD-200611-334 // NVD: CVE-2006-6055

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-6055
value:	HIGH
Trust: 1.0
NVD:	CVE-2006-6055
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200611-334
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-22163
value:	HIGH
Trust: 0.1
VULMON:	CVE-2006-6055
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2006-6055
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-22163
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-22163 // VULMON: CVE-2006-6055 // JVNDB: JVNDB-2006-001595 // CNNVD: CNNVD-200611-334 // NVD: CVE-2006-6055

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-6055

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200611-334

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200611-334

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-001595

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-22163 // VULMON: CVE-2006-6055

PATCH

title:

Top Page

url:

http://www.dlink.com/

Trust: 0.8

sources: JVNDB: JVNDB-2006-001595

EXTERNAL IDS

db:	NVD	id:	CVE-2006-6055	Trust: 3.5
db:	BID	id:	21032	Trust: 2.1
db:	SECUNIA	id:	22860	Trust: 1.9
db:	SECTRACK	id:	1017215	Trust: 1.8
db:	VUPEN	id:	ADV-2006-4488	Trust: 1.8
db:	JVNDB	id:	JVNDB-2006-001595	Trust: 0.8
db:	CNNVD	id:	CNNVD-200611-334	Trust: 0.7
db:	CNVD	id:	CNVD-2006-8432	Trust: 0.6
db:	EXPLOIT-DB	id:	2771	Trust: 0.2
db:	SEEBUG	id:	SSVID-70903	Trust: 0.1
db:	VULHUB	id:	VHN-22163	Trust: 0.1
db:	VULMON	id:	CVE-2006-6055	Trust: 0.1
db:	PACKETSTORM	id:	52061	Trust: 0.1

sources: CNVD: CNVD-2006-8432 // VULHUB: VHN-22163 // VULMON: CVE-2006-6055 // BID: 21032 // JVNDB: JVNDB-2006-001595 // PACKETSTORM: 52061 // CNNVD: CNNVD-200611-334 // NVD: CVE-2006-6055

REFERENCES

url:	http://projects.info-pull.com/mokb/mokb-13-11-2006.html	Trust: 2.2
url:	http://www.securityfocus.com/bid/21032	Trust: 1.9
url:	http://securitytracker.com/id?1017215	Trust: 1.8
url:	http://secunia.com/advisories/22860	Trust: 1.8
url:	http://www.vupen.com/english/advisories/2006/4488	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6055	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6055	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2006/4488	Trust: 0.6
url:	http://www.dlink.com/products/?pid=358	Trust: 0.3
url:	http://uninformed.org/index.cgi?v=6&a=2	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.exploit-db.com/exploits/2771/	Trust: 0.1
url:	http://secunia.com/advisories/22860/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://corporate.secunia.com/products/48/?r=l	Trust: 0.1
url:	http://secunia.com/product/12585/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://corporate.secunia.com/how_to_buy/15/?r=l	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-22163 // VULMON: CVE-2006-6055 // BID: 21032 // JVNDB: JVNDB-2006-001595 // PACKETSTORM: 52061 // CNNVD: CNNVD-200611-334 // NVD: CVE-2006-6055

CREDITS

H D Moore <hdm@metasploit.com> is credited with the discovery of this vulnerability. Assistance was provided by Matt Miller <mmiller@hick.org>, Johnny Cache <johnnycsh@802.11mercenary.net>, and LMH <lmh@info-pull.com>.

Trust: 0.3

sources: BID: 21032

SOURCES

db:	CNVD	id:	CNVD-2006-8432
db:	VULHUB	id:	VHN-22163
db:	VULMON	id:	CVE-2006-6055
db:	BID	id:	21032
db:	JVNDB	id:	JVNDB-2006-001595
db:	PACKETSTORM	id:	52061
db:	CNNVD	id:	CNNVD-200611-334
db:	NVD	id:	CVE-2006-6055

LAST UPDATE DATE

2024-08-14T14:59:06.191000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2006-8432	date:	2006-11-13T00:00:00
db:	VULHUB	id:	VHN-22163	date:	2011-03-08T00:00:00
db:	VULMON	id:	CVE-2006-6055	date:	2011-03-08T00:00:00
db:	BID	id:	21032	date:	2016-07-06T13:33:00
db:	JVNDB	id:	JVNDB-2006-001595	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200611-334	date:	2006-12-12T00:00:00
db:	NVD	id:	CVE-2006-6055	date:	2011-03-08T02:44:50.563

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2006-8432	date:	2006-11-13T00:00:00
db:	VULHUB	id:	VHN-22163	date:	2006-11-22T00:00:00
db:	VULMON	id:	CVE-2006-6055	date:	2006-11-22T00:00:00
db:	BID	id:	21032	date:	2006-11-13T00:00:00
db:	JVNDB	id:	JVNDB-2006-001595	date:	2012-06-26T00:00:00
db:	PACKETSTORM	id:	52061	date:	2006-11-16T03:19:38
db:	CNNVD	id:	CNNVD-200611-334	date:	2006-11-21T00:00:00
db:	NVD	id:	CVE-2006-6055	date:	2006-11-22T01:07:00