Looks like some laptops have become sitting ducks in the past week :-)
http://isotf.org/advisories/zert-01-111106.htm
-snip-
The Broadcom BCMWL5.SYS wireless device driver is vulnerable to a
stack-based buffer overflow that can lead to arbitrary kernel-mode
code execution. This particular vulnerability is caused by improper
handling of 802.11 probe responses containing a long SSID field. The
BCMWL5.SYS driver is bundled with new PCs from HP, Dell, Gateway,
eMachines, and other computer manufacturers.
-snip-
More info ...
http://blog.washingtonpost.com/securityfix/2006/11/
exploit_targets_widely_deploye.html
If anyone has a vulnerable laptop/card and would like to attempt to
demo/guinea pig the Framework exploit @ next meeting let me know.
- Jon
--
NYCwireless - http://www.nycwireless.net/
Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/
Archives: http://lists.nycwireless.net/pipermail/nycwireless/
