359 matches found
The vulnerability of the wpa_supplicant function in the EAP hostapd server allows a hacker to induce a service failure.
The vulnerability of the wpasupplicant function in the EAP hostapd server is related to errors during the verification of the recompilation of the fragmentation fragment. Exploiting this vulnerability can allow a malicious actor to cause service failure...
Debian DSA-4632-1 : ppp - security update
Ilja Van Sprundel reported a logic flaw in the Extensible Authentication Protocol EAP packet parser in the Point-to-Point Protocol Daemon pppd. An unauthenticated attacker can take advantage of this flaw to trigger a stack-based buffer overflow, leading to denial of service pppd daemon crash. C...
[SECURITY] [DSA 4632-1] ppp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4632-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 22, 2020 https://www.debian.org/security/faq -...
ALPINE-CVE-2020-8597
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions...
UBUNTU-CVE-2020-8597
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions...
PT-2020-1777
Name of the Vulnerable Software and Affected Versions ppp versions 2.4.2 through 2.4.8 Description The issue is related to buffer overflow errors in the eap request and eap response functions of the pppd daemon in the Point-to-Point Protocol PPP. Exploitation of this issue may allow a remote...
PPP Buffer Overflow Vulnerability
PPP is a data link protocol that establishes a direct point-to-point connection. A buffer overflow vulnerability exists in the 'eaprequest' and 'eapresponse ' functions in PPP versions 2.4.2 through 2.4.8. The vulnerability stems from a network system or product performing operations in memory...
The vulnerability in the implementation of the NTLM protocol in Windows operating systems arises from insufficient authentication checks for NTLM packets during their processing. This allows attackers to compromise the security functions of the NTLM MIC (Message Integrity Check) mechanism.
The vulnerability in the implementation of the NTLM protocol in Windows operating systems is related to insufficient authentication checks for NTLM packets during their processing. Exploiting this vulnerability allows an attacker to compromise the security functions of the NTLM Message Integrity...
PT-2019-6101 · Libntlm +5 · Libntlm +5
Name of the Vulnerable Software and Affected Versions: libntlm versions through 1.5 Description: The issue is related to a buffer over-read in the libntlm library, which implements the NT LAN Manager NTLM network authentication protocol. This can be exploited by a remote attacker to execute...
PT-2019-3336 · Cisco · Cisco Ios Xe
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers ISRs affected versions not specified Description: A vulnerability in the Dialer interface feature for ISDN connections could allow an unauthenticated, adjacent attacker t...
Radius Authentication Protocol Detection
Binary data 701135.prm...
Radius Authentication Protocol Detection
Binary data 701136.prm...
Exploit for CVE-2019-12586
ESP32/ESP8266 Wi-Fi Attacks This repository is part of a re...
The vulnerability of the wpa_supplicant component of the EAP-PWD protocol in wireless communication devices certified by WPA allows attackers to compromise the integrity and confidentiality of data, as well as cause service failures. This vulnerability is related to incorrect authentication procedures.
The vulnerability of the wpasupplicant component of the EAP-PWD protocol in wireless communication devices certified for WPA is related to the failure of the EAP-PWD authentication process without obtaining a password. Exploiting this vulnerability allows an attacker to compromise the integrity a...
The vulnerability of the EAP Server component of the EAP-PWD certification protocol for wireless communication devices with WPA encryption lies in the improper use of privileges, allowing attackers to compromise data integrity and confidentiality or cause service failures.
The vulnerability of the EAP Server component of the EAP-PWD protocol for wireless communication devices certified by WPA is related to the lack of explicit checks on imported elements. These imported elements do not undergo verification of scalar values and values of elements in the...
Privilege Escalation
cephx is vulnerable to privilege escalation attacks. This is because cephx authentication protocol does not verify ceph clients correctly. An attacker who has access to the ceph cluster network is able to sniff packets on the network...
DEBIAN-CVE-2019-9498
The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication,...
ALPINE-CVE-2019-9499
The implementations of EAP-PWD in wpasupplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection...
ALPINE-CVE-2019-9498
The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication,...
DEBIAN-CVE-2019-9497
The implementations of EAP-PWD in hostapd EAP Server and wpasupplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not...