Multiple Intel LAN Drivers buffer overflow

intel-lan-driver-bo (30750)

High Risk

Description:

Multiple Intel PCI, PCI-X, and PCIe network adapter drivers are vulnerable to a buffer overflow, caused by improper bounds checking by an unspecified function. A local attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the system with kernel-level privileges.

Platforms Affected:

• Intel, PRO 10/100 3.5.14
• Intel, PRO 10/100 4.0.3
• Intel, PRO 10/100 8.0.27.0
• Intel, PRO 1000 7.2.7
• Intel, PRO 1000 8.7.1.0
• Intel, PRO 1000 9.0.15
• Intel, PRO 1000 PCIe 9.1.30.0
• Intel, PRO 10GbE 1.0.109

Remedy:

Refer to Intel Advisory INTEL-sa-00004 for upgrade information. See References.

Consequences:

Gain Privileges

References:

• AD20061207, Intel Network Adapter Driver Local Privilege Escalation at http://research.eeye.com/html/advisories/published/AD20061207.html.
• INTEL-sa-00004, Intel® LAN Driver Buffer Overflow Local Privilege Escalation at http://www.intel.com/support/go/security/sa00006.htm.
• BID-21456: Intel Network Drivers Local Privilege Escalation Vulnerability
• CVE-2006-6385: Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with kernel-level privileges via an incorrect function call in certain OID handlers.
• FrSIRT/ADV-2006-4871: Intel LAN Driver NDIS.SYS Local Buffer Overflow Privilege Escalation Vulnerability
• SA23221: Intel LAN Driver OID Handler Privilege Escalation Vulnerability
• SECTRACK ID: 1017346: Intel LAN Driver Buffer Overflow Lets Local Users Obtain Elevated Privileges
• US-CERT VU#296681: Intel network drivers privilege escalation vulnerability

Reported:

Dec 05, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net

Return to the main page