mobile security

news, reviews and going's on in the world of mobile security

Hole found in BroadCom wireless driver

Filed under: Laptop Security — webmaster at 5:42 pm on Sunday, November 19, 2006

broadcom.jpgAn unnamed researcher, together with H.D, Moore, creator of metasploit and director of Security Research says vulnerable systems are exposed to a “stack-based buffer overflow that can lead to arbitrary kernel-mode code execution.” Essentially, you’re vulnerable when connected via WiFi as an attacker who is connected to the same WiFi network as you could remotely run some code on your machine. For this, the attacker needs to be running Linux, metasploit and have a wireless card capable of performing raw packet injections. The offending driver is called BCMWL5.SYS Laptops known to be using this driver (among other manufacturers) include Dell, Gateway, IBM, eMachines and HP.

What is interesting about this hole is that malicious packets will be seen by the driver before it is seen by a firewall, rendering it useless.

Until a driver a driver update is posted, a useful workaround for vulnerable systems is to switch to another wireless driver (e.g. Linksys) or to disable wireless completely.

No Tags
Powered by Gregarious (41) Google Reader or Homepage Subscribe Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online Subscribe in Rojo gritwire Add to Technorati Favorites!

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

 
Socialized through Gregarious 41