Title: Linksys Wireless-G ADSL Gateway WAG54GS V2.0 Remote Buffer Overflow Vulnerability
Severity: HIGH
Description:
The Linksys Wireless-G ADSL Gateway is a multipurpose device that includes a router and an 802.11g wireless access point.
Linksys Wireless-G ADSL Gateway WAG54GS V2.0 is prone to a remote buffer-overflow vulnerability because the software fails to sufficiently verify buffer boundaries before copying user-supplied data.
Specifically, an attacker could overwrite critical memory contents by sending a malicious HTTP GET request to the affected device's HTTP server application. The request would contain approximately 10240 bytes of data in the URI. This can alter the normal flow of execution, potentially executing attacker-supplied code contained in the malicious GET or POST request.
Exploiting this vulnerability may allow remote attackers to execute arbitrary code in the context of the affected application.
Linksys Wireless-G ADSL Gateway WAG54GS V2.0 running firmware 1.02.20 is reported vulnerable; other versions may also be affected.
NOTE: Reports indicate that this issue may be identical to or related to the vulnerability described in BID 6301 (Multiple Linksys Devices GET Request Buffer Overflow Vulnerability), but this could not be confirmed. We will update or retire this BID when more details become available.
Affected Products:
- Linksys Wireless-G ADSL Gateway WAG54GS V2.0 1.02.20 (Firmware)
References:
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
