Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC NetApp Digital Newsroom WatchGuard Digital Newsroom Cisco Partner Summit Digital 2020 HPE Zone The Business Continuity Center Enterprise Tech Provider Masergy Zenith Partner Program Newsroom Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom Intel Partner Connect 2021 Avaya Newsroom Experiences That Matter The IoT Integrator NetApp Data Fabric Intel Tech Provider Zone

Researcher Unearths D-Link Wireless Driver Flaw

Security researchers have discovered a buffer overflow vulnerability in the wireless driver that ships with a widely used D-Link wireless USB adapter that could enable attackers to gain control over an affected PC.

buffer vulnerability driver USB

The vulnerability is in the wireless driver that ships with D-Link's DWL-G132 wireless USB adapter and results from the driver's failure to check the size of user-supplied data before copying it to the memory buffer, Symantec said in a Deepsight Threat Management System bulletin.

The flaw is triggered when the driver tries to process an excessively large beacon frame, which enables WLAN access points to initiate and maintain communication with each other. A successful exploit would enable an attacker to execute malicious code on the targeted PC, but even a failed attempt likely would crash the kernel and create a denial-of-service situation, according to Symantec.

Since the flaw is exploited via beacon frames, all vulnerable cards within range of the attacker will be affected, said HD Moore, director of security research at BreakingPoint Systems and developer of the open-source Metasploit vulnerability testing tool. Moore discovered the vulnerability.

The D-Link vulnerability, like the Broadcom wireless driver flaw reported over the weekend, is part of the Month Of Kernel Bugs (MoKB) project, which highlights common kernel flaws daily during November.

Though the Broadcom wireless driver flaw affects a wider range of systems, the D-Link exploit is much easier to automate because an attacker could continuously send the exploit traffic and automatically compromise anything within range, according to Moore. In contrast, the Broadcom exploit would require a second component that looks for probe requests from vulnerable clients and responds accordingly, Moore said.

Version of the A5AGU.SYS driver that ships with the DWL-G132 is affected by the vulnerability. So far, D-Link hasn't posted a fix for the DWL-G132 issue.

However, a newer version of the A5AGU.SYS driver that ships with another D-Link product, the WUA-2340 RangeBooster G USB adapter, appears to address the issue, according to a post on the MoKB blog.

Symantec Deepsight assigned the D-Link vulnerability an aggregate threat rating of 9.6 on a 10-point scale.

Back to Top



    trending stories

    sponsored resources