NetGear WG111v2 Wireless Driver Long Beacon Buffer Overflow Vulnerability

NetGear WG111v2 Wireless Driver Long Beacon Buffer Overflow Vulnerability

NetGear WG111v2 Wireless devices are prone to a stack-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of the kernel hosting the vulnerable driver. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions.

The WG111v2.SYS driver is primarily used on Windows, but administrators should check Linux and BSD machines using the 'ndiswrapper' tool to determine if they are using a vulnerable instance of the driver.

Note also that an attacker can exploit tthis vulnerability only from within the range of broadcast of 802.11 wireless connections.

Version 5.1213.6.316 of the WG111v2.SYS driver is vulnerable to this issue; other versions may also be affected.