Lucene search

K
freebsdFreeBSD976567F6-05C5-11E6-94FA-002590263BF5
HistoryNov 10, 2015 - 12:00 a.m.

hostapd and wpa_supplicant -- multiple vulnerabilities

2015-11-1000:00:00
vuxml.freebsd.org
15

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

0.017 Low

EPSS

Percentile

87.7%

Jouni Malinen reports:

wpa_supplicant unauthorized WNM Sleep Mode GTK control. (2015-6 -
CVE-2015-5310)

EAP-pwd missing last fragment length validation. (2015-7 -
CVE-2015-5315)

EAP-pwd peer error path failure on unexpected Confirm message.
(2015-8 - CVE-2015-5316)

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchwpa_supplicant< 2.5_1UNKNOWN
FreeBSDanynoarchhostapd< 2.6UNKNOWN

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

0.017 Low

EPSS

Percentile

87.7%