SANS Institute - @RISK: The Consensus Security Vulnerability Alert

CRITICAL: Intel Centrino Wireless Driver Buffer Overflow

• Affected:
  • Intel Centrino 2200BG Wireless Device Driver

• Description: The Intel Centrino 2200BG is a popular wireless network (802.11) card, commonly used in laptop computers. Its driver for Microsoft Windows contains a buffer overflow in its handling of wireless network traffic, a vulnerability that Intel has fixed since January 2007. A new exploit targeting this vulnerability has been released. A specially crafted wireless network frame could trigger this vulnerability, allowing an attacker to execute arbitrary code with kernel level privileges, completely compromising the vulnerable system. The wireless network interface on the vulnerable system need only be in range of the attacker; it need not be connected to any particular wireless network to be vulnerable. Full technical details and a proof-of-concept are publicly available for this vulnerability.

• Status: Intel confirmed, updates available. The patch can be accessed through Intel site reverenced below.

  SANS Institute - @RISK: The Consensus Security Vulnerability Alert