CVE-2016-4476

2016-05-09T10:59:00
ID CVE-2016-4476
Type cve
Reporter cve@mitre.org
Modified 2017-10-23T01:29:00

Description

hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.