The MoKB (Month of Kernel Bugs) project has released a Metasploit 3.0 kernel-level driver exploit for Broadcom based Wireless LAN devices for Windows 2000 and XP. The flaw was discovered by researcher “Johnny Cache” and had been privately disclosed to Broadcom so that they could prepare a fix before the details of the research and proof-of-concept was released in to the public. [UPDATED 11/13/2006 7:00PM – PC makers like Dell, HP, Gateway, Fujitsu, eMachines, other computer manufacturers and others third party Wi-Fi card adapters are affected by this flaw. A simple way to determine if you have an affected Wireless driver is to do a file search for the BCMWL5.SYS file on your system partition which is usually the C drive. Any version of that file below 126.96.36.199 is vulnerable and you can find that information by right clicking on BCMWL5.SYS and selecting “Properties”] Broadcom created an updated reference driver but opted not to issue a security advisory. At this point in time, Linksys (division of Cisco) has released an updated driver that addresses this critical flaw though no indication of the critical nature of this update was given. [UPDATED 11/13/2006 7:00PM – Broadcom has informed me that HP issued… Read full this story
- Step by step: How to install Broadcom critical driver update
- Free Wi-Fi Driver vulnerability auditing tool released!
Critical Broadcom Windows driver exploit released! have 215 words, post on www.zdnet.com at November 11, 2006. This is cached page on CuBird. If you want remove this page, please contact us.