Broadcom Wireless Driver (BCMWL5.SYS) Probe Response SSID Overflow

High Nessus Plugin ID 23637


The remote Windows host has a wireless device driver that is prone to a buffer overflow attack.


The Windows remote host contains a Broadcom wireless device driver.

The installed version of this driver on the remote host includes the file 'bcmwl5.sys' that is reportedly affected by a stack-based overflow vulnerability. An attacker within wireless range of the affected host may be able to leverage this issue using a 802.11 probe response with a long SSID field to execute arbitrary kernel-mode code on the affected host.


Contact the device's manufacturer for an update.

See Also

Plugin Details

Severity: High

ID: 23637

File Name: broadcom_long_ssid_overflow.nasl

Version: $Revision: 1.16 $

Type: local

Agent: windows

Family: Windows

Published: 2006/11/13

Modified: 2017/05/02

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 8.3

Temporal Score: 6.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2006/11/11

Reference Information

CVE: CVE-2006-5882

BID: 21007

OSVDB: 30294

CWE: 119