Lucene search
PRIOn knowledge basePRION:CVE-2015-5314HistoryFeb 21, 2018 - 4:29 p.m.
Buffer overflow
2018-02-2116:29:00
PRIOn knowledge base
www.prio-n.com
2
The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 8.0 | |
| wpa_supplicant | ge | 2.0 | |
| wpa_supplicant | lt | 2.6 |
Related
ubuntucve
ubuntucve
CVE-2015-5314
2015-11-10 00:00:00
debiancve
debiancve
CVE-2015-5314
2018-02-21 16:29:00
cvelist
cvelist
CVE-2015-5314
2018-02-21 16:00:00
cve
cve
CVE-2015-5314
2018-02-21 16:29:00
nvd
nvd
CVE-2015-5314
2018-02-21 16:29:00
openvas
openvas
Ubuntu: Security Advisory (USN-2808-1)
2015-11-11 00:00:00
Debian Security Advisory DSA 3397-1 (wpa - security update)
2015-11-10 00:00:00
Debian: Security Advisory (DSA-3397-1)
2015-11-09 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : wpa_supplicant and hostapd vulnerabilities (USN-2808-1)
2015-11-11 00:00:00
Debian DSA-3397-1 : wpa - security update
2015-11-11 00:00:00
openSUSE Security Update : hostapd (openSUSE-2017-1201) (KRACK)
2017-10-30 00:00:00
ubuntu
ubuntu
wpa_supplicant and hostapd vulnerabilities
2015-11-10 00:00:00
debian
debian
[SECURITY] [DSA 3397-1] wpa security update
2015-11-10 20:08:26
[SECURITY] [DSA 3397-1] wpa security update
2015-11-10 20:08:26
osv
osv
wpa - security update
2015-11-10 00:00:00
suse
suse
Security update for hostapd (important)
2017-10-28 00:18:34