34 matches found
Debian: Security Advisory (DLA-147-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2014-3686
wpasupplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpacli or hostapdcli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame...
Mageia: Security Advisory (MGASA-2014-0429)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1013-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory for wpa_supplicant (SUSE-SU-2014:1356-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2014-1956)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : wpa_supplicant (SUSE-SU-2015:1013-1)
wpasupplicant was updated to fix three security issues : - CVE-2015-0210: wpasupplicant: broken certificate subject check this adds the 'domainmatch' config option from upstream additional to the already existing domainsuffixmatch - CVE-2014-3686: hostapd command execution - CVE-2015-1863: P2P SS...
Mandriva Linux Security Advisory : wpa_supplicant (MDVSA-2015:120)
Updated wpasupplicant and hostapd packages fix security vulnerability : A vulnerability was found in the mechanism wpacli and hostapdcli use for executing action scripts. An unsanitized string received from a remote device can be passed to a system call resulting in arbitrary command execution...
Debian DLA-147-1 : wpasupplicant security update
It was discovered that wpasupplicant could be tricked into executing arbitrary commands when calling action scripts. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as...
[SECURITY] [DLA 147-1] wpasupplicant security update
Package : wpasupplicant Version : 0.6.10-2.1+deb6u1 CVE ID : CVE-2014-3686 It was discovered that wpasupplicant could be tricked into executing arbitrary commands when calling action scripts...
CentOS 7 : wpa_supplicant (CESA-2014:1956)
An updated wpasupplicant package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Oracle Linux 7 : wpa_supplicant (ELSA-2014-1956)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2014-1956 advisory. 1:2.0-13 - Use osexec for action script execution CVE-2014-3686 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Scientific Linux Security Update : wpa_supplicant on SL7.x x86_64 (20141203)
A command injection flaw was found in the way the wpacli utility executed action scripts. If wpacli was run in daemon mode to execute an action script specified using the -a command line option, and wpasupplicant was configured to connect to a P2P group, malicious P2P group parameters could cause...
RHEL 7 : wpa_supplicant (RHSA-2014:1956)
An updated wpasupplicant package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
wpa_supplicant security update
1:2.0-13 - Use osexec for action script execution CVE-2014-3686...
Fedora 20 : hostapd-2.3-1.fc20 (2014-13783)
Security fix for CVE-2014-3686. Update to version 2.3 from upstream Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 19 : hostapd-2.0-5.fc19 (2014-13778)
Apply fixes for CVE-2014-3686 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora Update for hostapd FEDORA-2014-13778
Check the version of hostapd SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868462";...
SuSE 11.3 Security Update : wpa_supplicant (SAT Patch Number 9894)
This update fixes a remote code execution vulnerability in wpasupplicant's wpacli and hostapdcli tools. CVE-2014-3686 has been assigned to this issue. Additionally, password based authentication with PKCS5v2 has been enabled. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...
Fedora 21 : hostapd-2.3-1.fc21 (2014-13608)
Security fix for CVE-2014-3686. Update to version 2.3 from upstream. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...