10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.186 Low
EPSS
Percentile
96.3%
A buffer overflow vulnerability exists in the Netgear MA521nd5.SYS
wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition.
The MA521nd5.SYS
driver is a wireless (802.11b) device driver produced by Netgear.
A buffer overflow vulnerability has been reported in the MA521nd5.SYS
driver. An attacker within radio range may be able to trigger the overflow by sending a specially-crafted 802.11 management frame to a vulnerable system. Since 802.11b and 802.11g management frames are not encrypted, using wireless encryption (WEP/WPA) does not mitigate this vulnerability.
Note that Linux or Unix systems that use NDISWrapper or similar technologies to load the MA521nd5.SYS
driver may also be vulnerable.
A remote, unauthenticated attacker may be able to execute arbitrary code, or cause a denial-of-service condition on a vulnerable system.
We are currently unaware of a practical solution to this problem.
Disable wireless adapters
Disabling wireless adapters may reduce the chances of this vulnerability being exploited.
395496
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: November 20, 2006
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
This issue was reported by Laurent Butti, H D Moore and LMH on the Month of Kernel Bugs website.
This document was written by Ryan Giobbi.
CVE IDs: | CVE-2006-6059 |
---|---|
Severity Metric: | 3.99 Date Public: |