vendor:
MA521 Wireless Device
by:
Laurent Butti
7.8
CVSS
HIGH
Stack-based buffer-overflow
119
CWE
Product Name: MA521 Wireless Device
Affected Version From: 5.148.724.2003
Affected Version To: 5.148.724.2003
Patch Exists: YES
Related CWE: CVE-2006-6184
CPE: h:netgear:ma521
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2006
NetGear MA521 Wireless Driver Long Rates Overflow
NetGear MA521 Wireless device is prone to a stack-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. Exploiting this issue allows attackers to execute arbitrary machine code in the context of the kernel hosting the vulnerable driver. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions.
Mitigation:
Upgrade to the latest version of the MA521nd5.SYS driver.