Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 for Windows, and other wireless card drivers including rt2400, rt2500, rt2570, and rt61, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Probe Request packet with a long SSID, possibly related to an integer signedness error.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Rt73 | Ralinktech | 3.08 (including) | 3.08 (including) |
| Rt2400 | Ubuntu | dapper | * |
| Rt2400 | Ubuntu | gutsy | * |
| Rt2400 | Ubuntu | hardy | * |
| Rt2400 | Ubuntu | intrepid | * |
| Rt2400 | Ubuntu | upstream | * |
| Rt2500 | Ubuntu | dapper | * |
| Rt2500 | Ubuntu | gutsy | * |
| Rt2500 | Ubuntu | hardy | * |
| Rt2500 | Ubuntu | intrepid | * |
| Rt2500 | Ubuntu | upstream | * |
| Rt2570 | Ubuntu | gutsy | * |
| Rt2570 | Ubuntu | hardy | * |
| Rt2570 | Ubuntu | intrepid | * |
| Rt2570 | Ubuntu | upstream | * |
| Rt73 | Ubuntu | intrepid | * |
| Rt73 | Ubuntu | jaunty | * |
| Rt73 | Ubuntu | karmic | * |
| Rt73 | Ubuntu | lucid | * |
| Rt73 | Ubuntu | upstream | * |