CVE-2015-5314

🗓️ 21 Feb 2018 16:00:29Reported by [email protected]Type

The eap_pwd_process function in hostapd 2.x before 2.6 allows remote attackers to cause a denial of service via a large final fragment in an EAP-pwd message

Reporter	Title	Published	Views	Family All 18
UbuntuCve	CVE-2015-5314	10 Nov 201500:00	–	ubuntucve
Cvelist	CVE-2015-5314	21 Feb 201816:00	–	cvelist
CVE	CVE-2015-5314	21 Feb 201816:29	–	cve
Debian CVE	CVE-2015-5314	21 Feb 201816:29	–	debiancve
Prion	Buffer overflow	21 Feb 201816:29	–	prion
Tenable Nessus	Ubuntu 14.04 LTS : wpa_supplicant and hostapd vulnerabilities (USN-2808-1)	11 Nov 201500:00	–	nessus
Tenable Nessus	Debian DSA-3397-1 : wpa - security update	11 Nov 201500:00	–	nessus
Tenable Nessus	openSUSE Security Update : hostapd (openSUSE-2017-1201) (KRACK)	30 Oct 201700:00	–	nessus
Ubuntu	wpa_supplicant and hostapd vulnerabilities	10 Nov 201500:00	–	ubuntu
OpenVAS	Ubuntu: Security Advisory (USN-2808-1)	11 Nov 201500:00	–	openvas

Nvd

Node

w1.fi wpa_supplicantRange2.0–2.6

Node

debian debian_linuxMatch8.0

Source	Link
w1	www.w1.fi/security/2015-7/eap-pwd-missing-last-fragment-length-validation.txt
openwall	www.openwall.com/lists/oss-security/2015/11/10/10
debian	www.debian.org/security/2015/dsa-3397
ubuntu	www.ubuntu.com/usn/USN-2808-1

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Feb 2018 16:29Current

5.8Medium risk

Vulners AI Score5.8

CVSS24.3

CVSS35.9

EPSS0.01554

CWE-119