Mandriva Update for hostapd MDVSA-2012:168 (hostapd)
2012-10-23T00:00:00
ID OPENVAS:831748 Type openvas Reporter Copyright (c) 2012 Greenbone Networks GmbH Modified 2018-01-05T00:00:00
Description
Check for the Version of hostapd
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for hostapd MDVSA-2012:168 (hostapd)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Multiple vulnerabilities has been discovered and corrected in hostapd:
hostapd 0.7.3, and possibly other versions before 1.0, uses 0644
permissions for /etc/hostapd/hostapd.conf, which might allow
local users to obtain sensitive information such as credentials
(CVE-2012-2389).
Heap-based buffer overflow in the eap_server_tls_process_fragment
function in eap_server_tls_common.c in the EAP authentication server
in hostapd 0.6 through 1.0 allows remote attackers to cause a denial
of service (crash or abort) via a small TLS Message Length value in
an EAP-TLS message with the More Fragments flag set (CVE-2012-4445).
The updated packages have been patched to correct these issues.";
tag_affected = "hostapd on Mandriva Linux 2011.0";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:168");
script_id(831748);
script_version("$Revision: 8295 $");
script_tag(name:"last_modification", value:"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $");
script_tag(name:"creation_date", value:"2012-10-23 09:29:43 +0530 (Tue, 23 Oct 2012)");
script_cve_id("CVE-2012-2389", "CVE-2012-4445");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_xref(name: "MDVSA", value: "2012:168");
script_name("Mandriva Update for hostapd MDVSA-2012:168 (hostapd)");
script_tag(name: "summary" , value: "Check for the Version of hostapd");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "MNDK_2011.0")
{
if ((res = isrpmvuln(pkg:"hostapd", rpm:"hostapd~0.7.3~2.3", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:831748", "type": "openvas", "bulletinFamily": "scanner", "title": "Mandriva Update for hostapd MDVSA-2012:168 (hostapd)", "description": "Check for the Version of hostapd", "published": "2012-10-23T00:00:00", "modified": "2018-01-05T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=831748", "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "references": ["2012:168", "http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:168"], "cvelist": ["CVE-2012-4445", "CVE-2012-2389"], "lastseen": "2018-01-06T13:07:30", "viewCount": 0, "enchantments": {"score": {"value": 5.5, "vector": "NONE", "modified": "2018-01-06T13:07:30", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-4445", "CVE-2012-2389"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12670", "SECURITYVULNS:VULN:12638", "SECURITYVULNS:DOC:28684", "SECURITYVULNS:DOC:28624", "SECURITYVULNS:DOC:28625"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310864795", "OPENVAS:864797", "OPENVAS:1361412562310831748", "OPENVAS:72596", "OPENVAS:136141256231072596", "OPENVAS:864478", "OPENVAS:136141256231072474", "OPENVAS:864795", "OPENVAS:1361412562310864797", "OPENVAS:72474"]}, {"type": "nessus", "idList": ["OPENSUSE-2012-718.NASL", "FEDORA_2012-8611.NASL", "FEDORA_2012-15748.NASL", "FREEBSD_PKG_F115F69336B211E2A633902B343DEEC9.NASL", "FEDORA_2012-15759.NASL", "DEBIAN_DSA-2557.NASL", "FEDORA_2012-15680.NASL", "FEDORA_2012-9206.NASL", "FEDORA_2012-9137.NASL", "MANDRIVA_MDVSA-2012-168.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2557-1:32DC0"]}, {"type": "freebsd", "idList": ["F115F693-36B2-11E2-A633-902B343DEEC9"]}], "modified": "2018-01-06T13:07:30", "rev": 2}, "vulnersScore": 5.5}, "pluginID": "831748", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for hostapd MDVSA-2012:168 (hostapd)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in hostapd:\n\n hostapd 0.7.3, and possibly other versions before 1.0, uses 0644\n permissions for /etc/hostapd/hostapd.conf, which might allow\n local users to obtain sensitive information such as credentials\n (CVE-2012-2389).\n\n Heap-based buffer overflow in the eap_server_tls_process_fragment\n function in eap_server_tls_common.c in the EAP authentication server\n in hostapd 0.6 through 1.0 allows remote attackers to cause a denial\n of service (crash or abort) via a small TLS Message Length value in\n an EAP-TLS message with the More Fragments flag set (CVE-2012-4445).\n\n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"hostapd on Mandriva Linux 2011.0\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:168\");\n script_id(831748);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-23 09:29:43 +0530 (Tue, 23 Oct 2012)\");\n script_cve_id(\"CVE-2012-2389\", \"CVE-2012-4445\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:168\");\n script_name(\"Mandriva Update for hostapd MDVSA-2012:168 (hostapd)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of hostapd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"hostapd\", rpm:\"hostapd~0.7.3~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Mandrake Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:59:54", "description": "Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small \"TLS Message Length\" value in an EAP-TLS message with the \"More Fragments\" flag set.", "edition": 4, "cvss3": {}, "published": "2012-10-10T18:55:00", "title": "CVE-2012-4445", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4445"], "modified": "2017-08-29T01:32:00", "cpe": ["cpe:/a:w1.fi:hostapd:0.6.2", "cpe:/a:w1.fi:hostapd:0.7.1", "cpe:/a:w1.fi:hostapd:0.6.6", "cpe:/a:w1.fi:hostapd:0.6.5", "cpe:/a:w1.fi:hostapd:1.0", "cpe:/a:w1.fi:hostapd:0.6.3", "cpe:/a:w1.fi:hostapd:0.6.1", "cpe:/a:w1.fi:hostapd:0.6.7", "cpe:/a:w1.fi:hostapd:0.7.2", "cpe:/a:w1.fi:hostapd:0.7.0", "cpe:/a:w1.fi:hostapd:0.6.0", "cpe:/a:w1.fi:hostapd:0.6.4", "cpe:/a:w1.fi:hostapd:0.7.3"], "id": "CVE-2012-4445", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4445", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:w1.fi:hostapd:0.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:0.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:0.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:0.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:0.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:0.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:0.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:0.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:w1.fi:hostapd:0.6.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:59:49", "description": "hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials.", "edition": 4, "cvss3": {}, "published": "2012-06-21T15:55:00", "title": "CVE-2012-2389", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2389"], "modified": "2013-04-19T03:21:00", "cpe": ["cpe:/a:w1.fi:hostapd:0.7.3"], "id": "CVE-2012-2389", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2389", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:38:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4445", "CVE-2012-2389"], "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2012-10-23T00:00:00", "id": "OPENVAS:1361412562310831748", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831748", "type": "openvas", "title": "Mandriva Update for hostapd MDVSA-2012:168 (hostapd)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for hostapd MDVSA-2012:168 (hostapd)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:168\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831748\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-23 09:29:43 +0530 (Tue, 23 Oct 2012)\");\n script_cve_id(\"CVE-2012-2389\", \"CVE-2012-4445\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:168\");\n script_name(\"Mandriva Update for hostapd MDVSA-2012:168 (hostapd)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'hostapd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_2011\\.0\");\n script_tag(name:\"affected\", value:\"hostapd on Mandriva Linux 2011.0\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been discovered and corrected in hostapd:\n\n hostapd 0.7.3, and possibly other versions before 1.0, uses 0644\n permissions for /etc/hostapd/hostapd.conf, which might allow\n local users to obtain sensitive information such as credentials\n (CVE-2012-2389).\n\n Heap-based buffer overflow in the eap_server_tls_process_fragment\n function in eap_server_tls_common.c in the EAP authentication server\n in hostapd 0.6 through 1.0 allows remote attackers to cause a denial\n of service (crash or abort) via a small TLS Message Length value in\n an EAP-TLS message with the More Fragments flag set (CVE-2012-4445).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"hostapd\", rpm:\"hostapd~0.7.3~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2389"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:1361412562310864482", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864482", "type": "openvas", "title": "Fedora Update for hostapd FEDORA-2012-9137", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for hostapd FEDORA-2012-9137\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082475.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864482\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:24:58 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2389\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-9137\");\n script_name(\"Fedora Update for hostapd FEDORA-2012-9137\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'hostapd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"hostapd on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"hostapd\", rpm:\"hostapd~0.7.3~9.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:56:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2389"], "description": "Check for the Version of hostapd", "modified": "2017-12-27T00:00:00", "published": "2012-06-22T00:00:00", "id": "OPENVAS:864478", "href": "http://plugins.openvas.org/nasl.php?oid=864478", "type": "openvas", "title": "Fedora Update for hostapd FEDORA-2012-9206", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for hostapd FEDORA-2012-9206\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"hostapd is a user space daemon for access point and authentication\n servers. It implements IEEE 802.11 access point management, IEEE\n 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server.\n\n hostapd is designed to be a "daemon" program that runs in the back-\n ground and acts as the backend component controlling authentication.\n hostapd supports separate frontend programs and an example text-based\n frontend, hostapd_cli, is included with hostapd.\";\n\ntag_affected = \"hostapd on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082459.html\");\n script_id(864478);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:24:51 +0530 (Fri, 22 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2389\");\n script_xref(name: \"FEDORA\", value: \"2012-9206\");\n script_name(\"Fedora Update for hostapd FEDORA-2012-9206\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of hostapd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"hostapd\", rpm:\"hostapd~0.7.3~9.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:58:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2389"], "description": "Check for the Version of hostapd", "modified": "2018-01-01T00:00:00", "published": "2012-06-08T00:00:00", "id": "OPENVAS:864290", "href": "http://plugins.openvas.org/nasl.php?oid=864290", "type": "openvas", "title": "Fedora Update for hostapd FEDORA-2012-8611", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for hostapd FEDORA-2012-8611\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"hostapd is a user space daemon for access point and authentication\n servers. It implements IEEE 802.11 access point management, IEEE\n 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server.\n\n hostapd is designed to be a "daemon" program that runs in the back-\n ground and acts as the backend component controlling authentication.\n hostapd supports separate frontend programs and an example text-based\n frontend, hostapd_cli, is included with hostapd.\";\n\ntag_affected = \"hostapd on Fedora 15\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081983.html\");\n script_id(864290);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-08 10:11:10 +0530 (Fri, 08 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2389\");\n script_xref(name: \"FEDORA\", value: \"2012-8611\");\n script_name(\"Fedora Update for hostapd FEDORA-2012-8611\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of hostapd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"hostapd\", rpm:\"hostapd~0.7.3~2.1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:58:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2389"], "description": "Check for the Version of hostapd", "modified": "2017-12-28T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:864482", "href": "http://plugins.openvas.org/nasl.php?oid=864482", "type": "openvas", "title": "Fedora Update for hostapd FEDORA-2012-9137", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for hostapd FEDORA-2012-9137\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"hostapd is a user space daemon for access point and authentication\n servers. It implements IEEE 802.11 access point management, IEEE\n 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server.\n\n hostapd is designed to be a "daemon" program that runs in the back-\n ground and acts as the backend component controlling authentication.\n hostapd supports separate frontend programs and an example text-based\n frontend, hostapd_cli, is included with hostapd.\";\n\ntag_affected = \"hostapd on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082475.html\");\n script_id(864482);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:24:58 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2389\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-9137\");\n script_name(\"Fedora Update for hostapd FEDORA-2012-9137\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of hostapd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"hostapd\", rpm:\"hostapd~0.7.3~9.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2389"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-06-22T00:00:00", "id": "OPENVAS:1361412562310864478", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864478", "type": "openvas", "title": "Fedora Update for hostapd FEDORA-2012-9206", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for hostapd FEDORA-2012-9206\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082459.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864478\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:24:51 +0530 (Fri, 22 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2389\");\n script_xref(name:\"FEDORA\", value:\"2012-9206\");\n script_name(\"Fedora Update for hostapd FEDORA-2012-9206\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'hostapd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"hostapd on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"hostapd\", rpm:\"hostapd~0.7.3~9.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2389"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-06-08T00:00:00", "id": "OPENVAS:1361412562310864290", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864290", "type": "openvas", "title": "Fedora Update for hostapd FEDORA-2012-8611", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for hostapd FEDORA-2012-8611\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081983.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864290\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-08 10:11:10 +0530 (Fri, 08 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2389\");\n script_xref(name:\"FEDORA\", value:\"2012-8611\");\n script_name(\"Fedora Update for hostapd FEDORA-2012-8611\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'hostapd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"hostapd on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"hostapd\", rpm:\"hostapd~0.7.3~2.1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4445"], "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2018-10-05T00:00:00", "published": "2012-11-26T00:00:00", "id": "OPENVAS:136141256231072596", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231072596", "type": "openvas", "title": "FreeBSD Ports: FreeBSD", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_FreeBSD21.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID f115f693-36b2-11e2-a633-902b343deec9\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.72596\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-4445\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-26 12:47:32 -0500 (Mon, 26 Nov 2012)\");\n script_name(\"FreeBSD Ports: FreeBSD\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: FreeBSD\n\nCVE-2012-4445\nHeap-based buffer overflow in the eap_server_tls_process_fragment\nfunction in eap_server_tls_common.c in the EAP authentication server\nin hostapd 0.6 through 1.0 allows remote attackers to cause a denial\nof service (crash or abort) via a small 'TLS Message Length' value in\nan EAP-TLS message with the 'More Fragments' flag set.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"FreeBSD\");\nif(!isnull(bver) && revcomp(a:bver, b:\"8.3\")>=0 && revcomp(a:bver, b:\"8.3_5\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0\")>=0 && revcomp(a:bver, b:\"9.0_5\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:50:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4445"], "description": "The remote host is missing an update to hostapd\nannounced via advisory DSA 2557-1.", "modified": "2017-07-07T00:00:00", "published": "2012-10-13T00:00:00", "id": "OPENVAS:72474", "href": "http://plugins.openvas.org/nasl.php?oid=72474", "type": "openvas", "title": "Debian Security Advisory DSA 2557-1 (hostapd)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2557_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2557-1 (hostapd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Timo Warns discovered that the internal authentication server of hostapd,\na user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator,\nis vulnerable to a buffer overflow when processing fragmented EAP-TLS\nmessages. As a result, an internal overflow checking routine terminates\nthe process. An attacker can abuse this flaw to conduct denial of service\nattacks via crafted EAP-TLS messages prior to any authentication.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.6.10-2+squeeze1.\n\nFor the testing (wheezy) and unstable (sid) distributions, this problem\nwill be fixed soon.\n\n\nWe recommend that you upgrade your hostapd packages.\";\ntag_summary = \"The remote host is missing an update to hostapd\nannounced via advisory DSA 2557-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202557-1\";\n\nif(description)\n{\n script_id(72474);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-4445\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-13 02:34:33 -0400 (Sat, 13 Oct 2012)\");\n script_name(\"Debian Security Advisory DSA 2557-1 (hostapd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"hostapd\", ver:\"1:0.6.10-2+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:56:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4445"], "description": "Check for the Version of hostapd", "modified": "2017-12-28T00:00:00", "published": "2012-10-19T00:00:00", "id": "OPENVAS:864795", "href": "http://plugins.openvas.org/nasl.php?oid=864795", "type": "openvas", "title": "Fedora Update for hostapd FEDORA-2012-15759", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for hostapd FEDORA-2012-15759\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"hostapd is a user space daemon for access point and authentication\n servers. It implements IEEE 802.11 access point management, IEEE\n 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server.\n\n hostapd is designed to be a "daemon" program that runs in the back-\n ground and acts as the backend component controlling authentication.\n hostapd supports separate frontend programs and an example text-based\n frontend, hostapd_cli, is included with hostapd.\";\n\ntag_affected = \"hostapd on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090213.html\");\n script_id(864795);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-19 09:47:53 +0530 (Fri, 19 Oct 2012)\");\n script_cve_id(\"CVE-2012-4445\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-15759\");\n script_name(\"Fedora Update for hostapd FEDORA-2012-15759\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of hostapd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"hostapd\", rpm:\"hostapd~0.7.3~10.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T11:53:53", "description": "Multiple vulnerabilities has been discovered and corrected in \nhostapd :\n\nhostapd 0.7.3, and possibly other versions before 1.0, uses 0644\npermissions for /etc/hostapd/hostapd.conf, which might allow local\nusers to obtain sensitive information such as credentials\n(CVE-2012-2389).\n\nHeap-based buffer overflow in the eap_server_tls_process_fragment\nfunction in eap_server_tls_common.c in the EAP authentication server\nin hostapd 0.6 through 1.0 allows remote attackers to cause a denial\nof service (crash or abort) via a small TLS Message Length value in an\nEAP-TLS message with the More Fragments flag set (CVE-2012-4445).\n\nThe updated packages have been patched to correct these issues.", "edition": 25, "published": "2012-10-23T00:00:00", "title": "Mandriva Linux Security Advisory : hostapd (MDVSA-2012:168)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4445", "CVE-2012-2389"], "modified": "2012-10-23T00:00:00", "cpe": ["cpe:/o:mandriva:linux:2011", "p-cpe:/a:mandriva:linux:hostapd"], "id": "MANDRIVA_MDVSA-2012-168.NASL", "href": "https://www.tenable.com/plugins/nessus/62659", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:168. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62659);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-2389\", \"CVE-2012-4445\");\n script_bugtraq_id(54093, 55826);\n script_xref(name:\"MDVSA\", value:\"2012:168\");\n\n script_name(english:\"Mandriva Linux Security Advisory : hostapd (MDVSA-2012:168)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in \nhostapd :\n\nhostapd 0.7.3, and possibly other versions before 1.0, uses 0644\npermissions for /etc/hostapd/hostapd.conf, which might allow local\nusers to obtain sensitive information such as credentials\n(CVE-2012-2389).\n\nHeap-based buffer overflow in the eap_server_tls_process_fragment\nfunction in eap_server_tls_common.c in the EAP authentication server\nin hostapd 0.6 through 1.0 allows remote attackers to cause a denial\nof service (crash or abort) via a small TLS Message Length value in an\nEAP-TLS message with the More Fragments flag set (CVE-2012-4445).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected hostapd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hostapd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2011\", reference:\"hostapd-0.7.3-2.3-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:10:43", "description": "Remove hostapd-specific runtime state directory Fixup typo in pid file\npath in hostapd.service Fixup typo in configuration file path in\nhostapd.service Tighten-up default permissions for hostapd.conf\n(CVE-2012-2389) Add BuildRequires for systemd-units Fixup typo in\nconfiguration file path in hostapd.service Tighten-up default\npermissions for hostapd.conf (CVE-2012-2389)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-06-20T00:00:00", "title": "Fedora 16 : hostapd-0.7.3-9.fc16 (2012-9206)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2389"], "modified": "2012-06-20T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:16", "p-cpe:/a:fedoraproject:fedora:hostapd"], "id": "FEDORA_2012-9206.NASL", "href": "https://www.tenable.com/plugins/nessus/59582", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9206.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59582);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2389\");\n script_xref(name:\"FEDORA\", value:\"2012-9206\");\n\n script_name(english:\"Fedora 16 : hostapd-0.7.3-9.fc16 (2012-9206)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Remove hostapd-specific runtime state directory Fixup typo in pid file\npath in hostapd.service Fixup typo in configuration file path in\nhostapd.service Tighten-up default permissions for hostapd.conf\n(CVE-2012-2389) Add BuildRequires for systemd-units Fixup typo in\nconfiguration file path in hostapd.service Tighten-up default\npermissions for hostapd.conf (CVE-2012-2389)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=818800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=824661\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082459.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42620824\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected hostapd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:hostapd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"hostapd-0.7.3-9.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"hostapd\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:10:41", "description": "Tighten-up default permissions for hostapd.conf (CVE-2012-2389)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-06-08T00:00:00", "title": "Fedora 15 : hostapd-0.7.3-2.1.fc15 (2012-8611)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2389"], "modified": "2012-06-08T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:15", "p-cpe:/a:fedoraproject:fedora:hostapd"], "id": "FEDORA_2012-8611.NASL", "href": "https://www.tenable.com/plugins/nessus/59421", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8611.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59421);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2389\");\n script_xref(name:\"FEDORA\", value:\"2012-8611\");\n\n script_name(english:\"Fedora 15 : hostapd-0.7.3-2.1.fc15 (2012-8611)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tighten-up default permissions for hostapd.conf (CVE-2012-2389)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=826109\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/081983.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?64ad3ea2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected hostapd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:hostapd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"hostapd-0.7.3-2.1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"hostapd\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:10:43", "description": "Remove hostapd-specific runtime state directory Fixup typo in pid file\npath in hostapd.service Add BuildRequires for systemd-units Fixup typo\nin configuration file path in hostapd.service\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-06-20T00:00:00", "title": "Fedora 17 : hostapd-0.7.3-9.fc17 (2012-9137)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2389"], "modified": "2012-06-20T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:hostapd"], "id": "FEDORA_2012-9137.NASL", "href": "https://www.tenable.com/plugins/nessus/59581", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9137.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59581);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2389\");\n script_xref(name:\"FEDORA\", value:\"2012-9137\");\n\n script_name(english:\"Fedora 17 : hostapd-0.7.3-9.fc17 (2012-9137)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Remove hostapd-specific runtime state directory Fixup typo in pid file\npath in hostapd.service Add BuildRequires for systemd-units Fixup typo\nin configuration file path in hostapd.service\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=818800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=824661\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082475.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44384a68\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected hostapd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:hostapd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"hostapd-0.7.3-9.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"hostapd\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-07T10:51:23", "description": "Problem description :\n\nThe internal authentication server of hostapd does not sufficiently\nvalidate the message length field of EAP-TLS messages.", "edition": 22, "published": "2012-11-26T00:00:00", "title": "FreeBSD : FreeBSD -- Insufficient message length validation for EAP-TLS messages (f115f693-36b2-11e2-a633-902b343deec9)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4445"], "modified": "2012-11-26T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:FreeBSD"], "id": "FREEBSD_PKG_F115F69336B211E2A633902B343DEEC9.NASL", "href": "https://www.tenable.com/plugins/nessus/63050", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63050);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-4445\");\n script_bugtraq_id(55826);\n script_xref(name:\"FreeBSD\", value:\"SA-12:07.hostapd\");\n\n script_name(english:\"FreeBSD : FreeBSD -- Insufficient message length validation for EAP-TLS messages (f115f693-36b2-11e2-a633-902b343deec9)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Problem description :\n\nThe internal authentication server of hostapd does not sufficiently\nvalidate the message length field of EAP-TLS messages.\"\n );\n # https://vuxml.freebsd.org/freebsd/f115f693-36b2-11e2-a633-902b343deec9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?841bd839\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:FreeBSD\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=8.3<8.3_5\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=9.0<9.0_5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T09:47:36", "description": "Timo Warns discovered that the internal authentication server of\nhostapd, a user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP\nAuthenticator, is vulnerable to a buffer overflow when processing\nfragmented EAP-TLS messages. As a result, an internal overflow\nchecking routine terminates the process. An attacker can abuse this\nflaw to conduct denial of service attacks via crafted EAP-TLS messages\nprior to any authentication.", "edition": 15, "published": "2012-10-09T00:00:00", "title": "Debian DSA-2557-1 : hostapd - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4445"], "modified": "2012-10-09T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:hostapd"], "id": "DEBIAN_DSA-2557.NASL", "href": "https://www.tenable.com/plugins/nessus/62452", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2557. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62452);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-4445\");\n script_xref(name:\"DSA\", value:\"2557\");\n\n script_name(english:\"Debian DSA-2557-1 : hostapd - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Timo Warns discovered that the internal authentication server of\nhostapd, a user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP\nAuthenticator, is vulnerable to a buffer overflow when processing\nfragmented EAP-TLS messages. As a result, an internal overflow\nchecking routine terminates the process. An attacker can abuse this\nflaw to conduct denial of service attacks via crafted EAP-TLS messages\nprior to any authentication.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/hostapd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2557\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the hostapd packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:0.6.10-2+squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hostapd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"hostapd\", reference:\"1:0.6.10-2+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:10:07", "description": "EAP-TLS server: Fix TLS Message Length validation\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-10-18T00:00:00", "title": "Fedora 16 : hostapd-0.7.3-10.fc16 (2012-15748)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4445"], "modified": "2012-10-18T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:16", "p-cpe:/a:fedoraproject:fedora:hostapd"], "id": "FEDORA_2012-15748.NASL", "href": "https://www.tenable.com/plugins/nessus/62605", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-15748.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62605);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-4445\");\n script_xref(name:\"FEDORA\", value:\"2012-15748\");\n\n script_name(english:\"Fedora 16 : hostapd-0.7.3-10.fc16 (2012-15748)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"EAP-TLS server: Fix TLS Message Length validation\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=859918\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090185.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?277e810e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected hostapd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:hostapd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"hostapd-0.7.3-10.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"hostapd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:10:07", "description": "EAP-TLS server: Fix TLS Message Length validation\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2012-10-15T00:00:00", "title": "Fedora 18 : hostapd-1.0-3.fc18 (2012-15680)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4445"], "modified": "2012-10-15T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:hostapd"], "id": "FEDORA_2012-15680.NASL", "href": "https://www.tenable.com/plugins/nessus/62532", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-15680.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62532);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-4445\");\n script_bugtraq_id(55826);\n script_xref(name:\"FEDORA\", value:\"2012-15680\");\n\n script_name(english:\"Fedora 18 : hostapd-1.0-3.fc18 (2012-15680)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"EAP-TLS server: Fix TLS Message Length validation\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=859918\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/089852.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3489ffe1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected hostapd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:hostapd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"hostapd-1.0-3.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"hostapd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:10:07", "description": "EAP-TLS server: Fix TLS Message Length validation\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2012-10-18T00:00:00", "title": "Fedora 17 : hostapd-0.7.3-10.fc17 (2012-15759)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4445"], "modified": "2012-10-18T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:hostapd"], "id": "FEDORA_2012-15759.NASL", "href": "https://www.tenable.com/plugins/nessus/62606", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-15759.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62606);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-4445\");\n script_bugtraq_id(55826);\n script_xref(name:\"FEDORA\", value:\"2012-15759\");\n\n script_name(english:\"Fedora 17 : hostapd-0.7.3-10.fc17 (2012-15759)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"EAP-TLS server: Fix TLS Message Length validation\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=859918\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-October/090213.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c07a88cf\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected hostapd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:hostapd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"hostapd-0.7.3-10.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"hostapd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T12:25:37", "description": "This patch validated the message length of EAP-TLS to avoid the\npotential DoS attack", "edition": 19, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : hostapd (openSUSE-SU-2012:1371-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4445"], "modified": "2014-06-13T00:00:00", "cpe": ["cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:hostapd", "p-cpe:/a:novell:opensuse:hostapd-debuginfo", "p-cpe:/a:novell:opensuse:hostapd-debugsource", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2012-718.NASL", "href": "https://www.tenable.com/plugins/nessus/74784", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-718.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74784);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4445\");\n\n script_name(english:\"openSUSE Security Update : hostapd (openSUSE-SU-2012:1371-1)\");\n script_summary(english:\"Check for the openSUSE-2012-718 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This patch validated the message length of EAP-TLS to avoid the\npotential DoS attack\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=781740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-10/msg00062.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected hostapd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hostapd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hostapd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hostapd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"hostapd-0.7.3-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"hostapd-debuginfo-0.7.3-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"hostapd-debugsource-0.7.3-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"hostapd-1.0-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"hostapd-debuginfo-1.0-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"hostapd-debugsource-1.0-2.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"hostapd / hostapd-debuginfo / hostapd-debugsource\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-4445", "CVE-2012-2389"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:168\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : hostapd\r\n Date : October 22, 2012\r\n Affected: 2011.\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been discovered and corrected in hostapd:\r\n \r\n hostapd 0.7.3, and possibly other versions before 1.0, uses 0644\r\n permissions for /etc/hostapd/hostapd.conf, which might allow\r\n local users to obtain sensitive information such as credentials\r\n (CVE-2012-2389).\r\n \r\n Heap-based buffer overflow in the eap_server_tls_process_fragment\r\n function in eap_server_tls_common.c in the EAP authentication server\r\n in hostapd 0.6 through 1.0 allows remote attackers to cause a denial\r\n of service (crash or abort) via a small TLS Message Length value in\r\n an EAP-TLS message with the More Fragments flag set (CVE-2012-4445).\r\n \r\n The updated packages have been patched to correct these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2389\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4445\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2011:\r\n 8fa9981eaf73dd9e84b62b42e300211a 2011/i586/hostapd-0.7.3-2.3-mdv2011.0.i586.rpm \r\n 912f917c8f0d5c8d146d544f9099cc29 2011/SRPMS/hostapd-0.7.3-2.3.src.rpm\r\n\r\n Mandriva Linux 2011/X86_64:\r\n 4d692e59b6e55c1cc9292315fcc0570a 2011/x86_64/hostapd-0.7.3-2.3-mdv2011.0.x86_64.rpm \r\n 912f917c8f0d5c8d146d544f9099cc29 2011/SRPMS/hostapd-0.7.3-2.3.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niD8DBQFQhOGRmqjQ0CJFipgRAnrmAJ9xUxEo/Letga+CB8FLUkohKRRAnQCfeNqC\r\nbfTTMhF26NCvFgGKgu6nwEQ=\r\n=Cspq\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-10-28T00:00:00", "published": "2012-10-28T00:00:00", "id": "SECURITYVULNS:DOC:28684", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28684", "title": "[ MDVSA-2012:168 ] hostapd", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:49", "bulletinFamily": "software", "cvelist": ["CVE-2012-4445", "CVE-2012-2389"], "description": "Buffer overflow, weak permissions.", "edition": 1, "modified": "2012-10-28T00:00:00", "published": "2012-10-28T00:00:00", "id": "SECURITYVULNS:VULN:12670", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12670", "title": "hostapd security vulnerabilities", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:49", "bulletinFamily": "software", "cvelist": ["CVE-2012-4445"], "description": "Buffer overflow during EAP authentication.", "edition": 1, "modified": "2012-10-10T00:00:00", "published": "2012-10-10T00:00:00", "id": "SECURITYVULNS:VULN:12638", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12638", "title": "hostapd buffer overflow", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-4445"], "description": "\r\n\r\nPRE-CERT Security Advisory\r\n==========================\r\n\r\n* Advisory: PRE-SA-2012-07\r\n* Released on: 8 October 2012\r\n* Affected product: Hostapd 0.6 - 1.0\r\n* Impact: denial of service\r\n* Origin: specially crafted EAP-TLS messages\r\n* CVSS Base Score: 7.8\r\n Impact Subscore: 6.9\r\n Exploitability Subscore: 10\r\n CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C)\r\n* Credit: Timo Warns (PRESENSE Technologies GmbH)\r\n* CVE Identifier: CVE-2012-4445\r\n\r\n\r\nSummary\r\n-------\r\n\r\nThe internal EAP authentication server of hostapd does not sufficiently\r\nvalidate the message length field of EAP-TLS messages, which can be\r\nexploited for a denial-of-service via specially crafted EAP-TLS messages\r\n(before authentication).\r\n\r\nHostapd has a function eap_server_tls_process_fragment() used by its\r\ninternal EAP authentication server for handling fragmented EAP-TLS\r\nmessages. The function (indirectly) calls wpabuf_overflow() aborting\r\nthe application in case of potential buffer overflows. Such a situation\r\ncan be triggered by an attacker sending an EAP-TLS message with\r\n\r\n a) the "More Fragments" flag set and\r\n b) an "TLS Message Length" value that is smaller than the size of\r\n the "TLS Data" field.\r\n\r\nThe vulnerability can be exploited only if hostapd is configured to use\r\nits internal EAP authentication server, either directly for IEEE 802.11x\r\nor when using hostapd as a RADIUS authentication server. \r\n\r\nAffected is hostapd in versions 0.6 - 1.0. The issue was introduced with\r\ncommit\r\nhttp://hostap.epitest.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff;h=34f564dbd5168626da55a7119b04832e98793160\r\n\r\n\r\nSolution\r\n--------\r\n\r\nA patch is available at\r\nhttp://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff;h=586c446e0ff42ae00315b014924ec669023bd8de\r\n\r\n\r\nReferences\r\n----------\r\n\r\nWhen further information becomes available, this advisory will be\r\nupdated. The most recent version of this advisory is available at:\r\n\r\nhttp://www.pre-cert.de/advisories/PRE-SA-2012-07.txt\r\n\r\n\r\nContact\r\n--------\r\n\r\nPRE-CERT can be reached under precert@pre-secure.de. For PGP key\r\ninformation, refer to http://www.pre-cert.de/.\r\n", "edition": 1, "modified": "2012-10-10T00:00:00", "published": "2012-10-10T00:00:00", "id": "SECURITYVULNS:DOC:28625", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28625", "title": "[PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-4445"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2557-1 security@debian.org\r\nhttp://www.debian.org/security/ Nico Golde\r\nOctober 08, 2012 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : hostapd\r\nVulnerability : buffer overflow\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2012-4445\r\n\r\nTimo Warns discovered that the internal authentication server of hostapd,\r\na user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator,\r\nis vulnerable to a buffer overflow when processing fragmented EAP-TLS\r\nmessages. As a result, an internal overflow checking routine terminates\r\nthe process. An attacker can abuse this flaw to conduct denial of service\r\nattacks via crafted EAP-TLS messages prior to any authentication.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 0.6.10-2+squeeze1.\r\n\r\nFor the testing (wheezy) and unstable (sid) distributions, this problem\r\nwill be fixed soon.\r\n\r\n\r\nWe recommend that you upgrade your hostapd packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niEYEARECAAYFAlBykZ8ACgkQHYflSXNkfP8KMwCgrZevrVOPeI76Vm4q6LfvTMLi\r\nbJsAoKp8uuLyBRYI1JewUwPrWTFtdr3c\r\n=VOSf\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-10-10T00:00:00", "published": "2012-10-10T00:00:00", "id": "SECURITYVULNS:DOC:28624", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28624", "title": "[SECURITY] [DSA 2557-1] hostapd security update", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2389"], "description": "hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a \"daemon\" program that runs in the back- ground and acts as the backend component controlling authentication. hostapd supports separate frontend programs and an example text-based frontend, hostapd_cli, is included with hostapd. ", "modified": "2012-06-07T23:10:25", "published": "2012-06-07T23:10:25", "id": "FEDORA:89FD02101A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: hostapd-0.7.3-2.1.fc15", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2389"], "description": "hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a \"daemon\" program that runs in the back- ground and acts as the backend component controlling authentication. hostapd supports separate frontend programs and an example text-based frontend, hostapd_cli, is included with hostapd. ", "modified": "2012-06-19T14:54:08", "published": "2012-06-19T14:54:08", "id": "FEDORA:9927E2025A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: hostapd-0.7.3-9.fc16", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2389"], "description": "hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a \"daemon\" program that runs in the back- ground and acts as the backend component controlling authentication. hostapd supports separate frontend programs and an example text-based frontend, hostapd_cli, is included with hostapd. ", "modified": "2012-06-19T14:58:28", "published": "2012-06-19T14:58:28", "id": "FEDORA:31BCD20B2D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: hostapd-0.7.3-9.fc17", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4445"], "description": "hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a \"daemon\" program that runs in the back- ground and acts as the backend component controlling authentication. hostapd supports separate frontend programs and an example text-based frontend, hostapd_cli, is included with hostapd. ", "modified": "2012-10-18T00:28:50", "published": "2012-10-18T00:28:50", "id": "FEDORA:7974F2094C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: hostapd-0.7.3-10.fc16", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4445"], "description": "hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a \"daemon\" program that runs in the back- ground and acts as the backend component controlling authentication. hostapd supports separate frontend programs and an example text-based frontend, hostapd_cli, is included with hostapd. ", "modified": "2012-10-18T00:32:53", "published": "2012-10-18T00:32:53", "id": "FEDORA:2AD3D20AAF", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: hostapd-0.7.3-10.fc17", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4445"], "description": "hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a \"daemon\" program that runs in the back- ground and acts as the backend component controlling authentication. hostapd supports separate frontend programs and an example text-based frontend, hostapd_cli, is included with hostapd. ", "modified": "2012-10-13T02:59:33", "published": "2012-10-13T02:59:33", "id": "FEDORA:33E7C20CF4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: hostapd-1.0-3.fc18", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2020-08-12T01:09:05", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4445"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2557-1 security@debian.org\nhttp://www.debian.org/security/ Nico Golde\nOctober 08, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : hostapd\nVulnerability : buffer overflow\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-4445\n\nTimo Warns discovered that the internal authentication server of hostapd,\na user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator,\nis vulnerable to a buffer overflow when processing fragmented EAP-TLS\nmessages. As a result, an internal overflow checking routine terminates\nthe process. An attacker can abuse this flaw to conduct denial of service\nattacks via crafted EAP-TLS messages prior to any authentication.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.6.10-2+squeeze1.\n\nFor the testing (wheezy) and unstable (sid) distributions, this problem\nwill be fixed soon.\n\n\nWe recommend that you upgrade your hostapd packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n\n", "edition": 6, "modified": "2012-10-08T08:41:48", "published": "2012-10-08T08:41:48", "id": "DEBIAN:DSA-2557-1:32DC0", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00201.html", "title": "[SECURITY] [DSA 2557-1] hostapd security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:43", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4445"], "description": "\nProblem description:\n\nThe internal authentication server of hostapd does not\n\t sufficiently validate the message length field of EAP-TLS\n\t messages.\n\n", "edition": 4, "modified": "2012-11-22T00:00:00", "published": "2012-11-22T00:00:00", "id": "F115F693-36B2-11E2-A633-902B343DEEC9", "href": "https://vuxml.freebsd.org/freebsd/f115f693-36b2-11e2-a633-902b343deec9.html", "title": "FreeBSD -- Insufficient message length validation for EAP-TLS messages", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}]}
