funsec mailing list archives
FYI: Intel Centrino Vulnerabilities
From: "Fergie" <fergdawg () netzero net>
Date: Tue, 1 Aug 2006 22:31:25 GMT
A couple of these seem pretty important. FYI. And thanks to the folks over ta the SANS ISC. [snip] Intel has released driver security updates for Centrino device drivers for Windows and for the PROSet management software. http://support.intel.com/support/wireless/wlan/sb/CS-023068.htm There are three issues identified: Intel® Centrino Wireless Driver Malformed Frame Remote Code Execution http://support.intel.com/support/wireless/wlan/sb/CS-023065.htm Intel® PROSet/Wireless Software Local Information Disclosure http://support.intel.com/support/wireless/wlan/sb/CS-023066.htm Intel® Centrino Wireless Driver Malformed Frame Privilege Escalation http://support.intel.com/support/wireless/wlan/pro2100/sb/CS-023067.htm The first and the third seem to be most severe. At this point we don't know of any public exploits for these vulnerabilities. The second one (PROSet info disclosure) has been around for a while and is known but local only. The announcements contain details on which drivers are vulnerable as well as links to patches and a tool to determine which version you have: http://support.intel.com/support/wireless/wlan/sb/cs-005905.htm Below are the summaries of the affected platforms Intel® Centrino Wireless Driver Malformed Frame Remote Code Execution * Intel® PRO/Wireless 2200BG Network Connection * Intel® PRO/Wireless 2915ABG Network Connection Intel® PROSet/Wireless Software Local Information Disclosure * Intel® PRO/Wireless 2100 Network Connection * Intel® PRO/Wireless 2200BG Network Connection * Intel® PRO/Wireless 2915ABG Network Connection * Intel® PRO/Wireless 3945ABG Network Connection Intel® Centrino Wireless Driver Malformed Frame Privilege Escalation * Intel® PRO/Wireless 2100 Network Connection The details of which drivers are listed on the pages and we recommend you look there. As far as we know, these will not be delivered via the Microsoft Update tool. You will need to download and install them manually unless your system vendor (the folk who make your laptop) provides an automated tool for you. Before you download and install these, we strongly suggest you talk to your system vendors and see if they are coming out with custom versions of the patches. On a related note- there will be a talk on exploiting device drivers on Wednesday 8/2/06 at Blackhat Vegas. Anyone who can make it should go. [snip] More: http://isc.sans.org/diary.php?storyid=1535 - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- FYI: Intel Centrino Vulnerabilities Fergie (Aug 01)