Researcher Roots Out D-Link Wireless Bug

Symantec Tuesday warned of an unpatched vulnerability in a D-Link wireless device driver that could enable an attacker to create a denial of service situation or compromise an affected PC. The flaw affects the wireless driver for D-Link's DWL-G650+, which connects notebook PCs to 802.11 b/g WLANs.

An error that occurs when the driver processes malformed beacon frames could enable an attacker to trigger a buffer overflow and execute malicious code, Symantec said in a Deepsight Threat Management System bulletin.

However, to exploit the vulnerability, a hacker would have to be in range of the wireless connection on the device, Symantec said.

The vulnerability exists on Windows XP and affects version 6.0.0.18 (Rev. A1) of the driver, and other drivers are also potentially vulnerable, according to Symantec.

Symantec, which rated the severity of the vulnerability as 9.4 out of 10, said it isn't aware of any patch, and recommended that users disable wireless network cards when in public areas.

D-Link could not be reached for comment.

Symantec credited Laurent Butti, a researcher with the R&D unit of France Telecom's Orange division, with discovering the flaw. Butti, who has developed his own 802.11 'fuzzing' tool, in March provided details on the D-Link vulnerability at Black Hat Europe in Amsterdam.

Last November, security researchers from the Month Of Kernel Bugs project discovered a buffer overflow vulnerability in the wireless driver that ships with the widely used D-Link DWL-G132 wireless USB adapter.