The D-Link DWL-G132 wireless adapter (USB) ships with a version of A5AGU.SYS that is vulnerable to a stack-based buffer overflow. This overflow can lead to arbitrary kernel-mode code execution. The overflow occurs when a 802.11 beacon request is received that contains over 36 bytes in the Rates information element (IE).
- More details
- Proof of concept: dlink_wifi_rates.rb (Metasploit)
