Lucene search
K

58 matches found

Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.38 views

SUSE SLED15 / SLES15 Security Update : wpa_supplicant (SUSE-SU-2018:3480-1)

This update for wpasupplicant provides the following fixes : This security issues was fixe : CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the...

6.5CVSS6.5AI score0.01476EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2018/12/10 12:0 a.m.28 views

Amazon Linux 2 : wpa_supplicant (ALAS-2018-1122)

An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive...

6.5CVSS6.5AI score0.01476EPSS
Exploits0References2
Amazon
Amazon
added 2018/12/06 12:0 a.m.34 views

Medium: wpa_supplicant

Issue Overview: An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover...

6.5CVSS6.6AI score0.01476EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/11/27 12:0 a.m.35 views

Scientific Linux Security Update : wpa_supplicant on SL7.x x86_64 (20181030)

Security Fixes : - wpasupplicant: Unauthenticated EAPOL-Key decryption in wpasupplicant CVE-2018-14526 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid119202; scriptversion"1.5";...

6.5CVSS6.4AI score0.01476EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/11/07 12:0 a.m.26 views

Oracle Linux 7 : wpa_supplicant (ELSA-2018-3107)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2018-3107 advisory. - Ignore unauthenticated encrypted EAPOL-Key data CVE-2018-14526 Tenable has extracted the preceding description block directly from the Oracle Linux security...

6.5CVSS6.5AI score0.01476EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/31 12:0 a.m.144 views

RHEL 7 : wpa_supplicant (RHSA-2018:3107)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:3107 advisory. The wpasupplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 IEEE 802.11i / RSN, and various EAP authentication methods...

6.5CVSS6.6AI score0.01476EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/10/29 12:0 a.m.20 views

openSUSE Security Update : wpa_supplicant (openSUSE-2018-1316)

This update for wpasupplicant provides the following fixes : This security issues was fixe : - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused t...

6.5CVSS6.6AI score0.01476EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/10/29 12:0 a.m.20 views

openSUSE Security Update : hostapd (openSUSE-2018-1293)

hostapd was updated to fix following security issue : - CVE-2018-14526: Ignore unauthenticated encrypted EAPOL-Key data bsc1104205 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

6.5CVSS6.4AI score0.01476EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/10/28 12:0 a.m.28 views

openSUSE: Security Advisory for wpa_supplicant (openSUSE-SU-2018:3539-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.5AI score0.01476EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/10/27 12:13 p.m.672 views

Security update for wpa_supplicant (moderate)

This update for wpasupplicant provides the following fixes: This security issues was fixe: - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the...

3.3CVSS0.8AI score0.01476EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2018/10/27 12:29 a.m.598 views

Security update for hostapd (low)

hostapd was updated to fix following security issue: - CVE-2018-14526: Ignore unauthenticated encrypted EAPOL-Key data bsc1104205...

3.3CVSS1.6AI score0.01476EPSS
Exploits0References1
OSV
OSV
added 2018/10/26 8:16 a.m.9 views

SUSE-SU-2018:3480-1 Security update for wpa_supplicant

This update for wpasupplicant provides the following fixes: This security issues was fixe: - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the...

6.5CVSS6.8AI score0.01476EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/09/27 12:0 a.m.28 views

EulerOS 2.0 SP3 : wpa_supplicant (EulerOS-SA-2018-1318)

According to the version of the wpasupplicant package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is n...

6.5CVSS6.5AI score0.01476EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/08/23 12:0 a.m.26 views

FreeBSD : FreeBSD -- Unauthenticated EAPOL-Key Decryption Vulnerability (45671c0e-a652-11e8-805b-a4badb2f4699)

When using WPA2, EAPOL-Key frames with the Encrypted flag and without the MIC flag set, the data field was decrypted first without verifying the MIC. When the dta field was encrypted using RC4, for example, when negotiating TKIP as a pairwise cipher, the unauthenticated but decrypted data was...

5.5CVSS6.3AI score0.00383EPSS
Exploits0References2
Mageia
Mageia
added 2018/08/19 6:36 p.m.46 views

Updated wpa_supplicant packages fix security vulnerability

Updated wpasupplicant packages fix security vulnerability: An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and clie...

6.5CVSS2.2AI score0.01476EPSS
Exploits0References3
OSV
OSV
added 2018/08/19 6:36 p.m.12 views

MGASA-2018-0348 Updated wpa_supplicant packages fix security vulnerability

Updated wpasupplicant packages fix security vulnerability: An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and clie...

6.5CVSS6.5AI score0.01476EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/08/15 12:0 a.m.26 views

FreeBSD : wpa_supplicant -- unauthenticated encrypted EAPOL-Key data (6bedc863-9fbe-11e8-945f-206a8a720317)

SO-AND-SO reports : A vulnerability was found in how wpasupplicant processes EAPOL-Key frames. It is possible for an attacker to modify the frame in a way that makes wpasupplicant decrypt the Key Data field without requiring a valid MIC value in the frame, i.e., without the frame being...

6.5CVSS6.3AI score0.01476EPSS
Exploits0References3
FreeBSD Advisory
FreeBSD Advisory
added 2018/08/14 12:0 a.m.18 views

FreeBSD-SA-18:11.hostapd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-18:11.hostapd Security Advisory The FreeBSD Project Topic: Unauthenticated EAPOL-Key Decryption Vulnerability Category: contrib Module: wpa Announced: 2018-08-1...

6.5CVSS6.6AI score0.01476EPSS
Exploits0
FreeBSD
FreeBSD
added 2018/08/14 12:0 a.m.24 views

FreeBSD -- Unauthenticated EAPOL-Key Decryption Vulnerability

Problem Description: When using WPA2, EAPOL-Key frames with the Encrypted flag and without the MIC flag set, the data field was decrypted first without verifying the MIC. When the dta field was encrypted using RC4, for example, when negotiating TKIP as a pairwise cipher, the unauthenticated but...

5.5CVSS0.00383EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/08/10 12:0 a.m.24 views

Debian DLA-1462-1 : wpa security update

The following vulnerability was discovered in wpasupplicant. CVE-2018-14526: | An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 | through 2.6. Under certain conditions, the integrity of EAPOL-Key | messages is not checked, leading to a decryption oracle. An attacker | within range of...

6.5CVSS6.3AI score0.01476EPSS
Exploits0References3
Rows per page
Query Builder