Netgear Wireless Flaw Comes To Light
A vulnerability has been identified in the device driver for the NetGear WG111v2, a $49.95 wireless USB adapter, that could allow a remote attacker to gain complete control over a vulnerable PC, Symantec said Thursday in a bulletin to Deepsight subscribers.
The vulnerability affects version 5.1213.6.316 of the WG111v2.SYS driver, and other versions may also be affected, Symantec said. At press time, Netgear had not released an updated driver to address the issue.
Security researcher HD Moore of the Metasploit Project discovered the Netgear vulnerability and has released an exploit module.
Like the D-Link wireless device driver flaw that MoKB revealed earlier this week, the Netgear vulnerability is triggered when the driver attempts to process an excessively large beacon frame, which enables WLAN access points to initiate and maintain communication with each other.
A successful exploit would give an attacker the ability to execute malicious code in kernel mode, and because the flaw is exploited through beacon frames, all wireless cards within range would be affected, according to a post on the MoKB blog.
Wireless device driver vulnerabilities have always existed, but better fuzzing tools are enabling researchers to uncover more of them, says Rich Mogull, research vice president of information security and risk at Gartner.
Metasploit's ability to transition between kernel mode and user mode is also leading to more flaws being discovered, and could eventually lead to more exploits being discovered in non-Windows operating systems, Mogull added.
Symantec Deepsight gave the vulnerability an aggregate threat score of 9.6 out of 10, while the French Security Incident Response Team (FrSIRT) said it was 'critical', or 4 on a 4-point scale. Secunia saw it as 'moderately critical', or 3 on a 5-point scale.