PT-2021-18566 · Hostap +4 · Hostapd +4

Name of the Vulnerable Software and Affected Versions: wpa supplicant and hostapd version 2.9 Description: The issue arises from the mishandling of AlgorithmIdentifier parameters in the tls/pkcs1.c and tls/x509v3.c files, potentially leading to forging attacks. Recommendations: For wpa supplicant...

CVE-2021-30004

CVE-2021-30004 concerns wpa_supplicant and hostapd 2.9 where forging attacks may occur due to mishandling of AlgorithmIdentifier parameters in tls/pkcs1.c and tls/x509v3.c. Connected advisories confirm the affected packages include wpa_supplicant and hostapd, with references noting that versions ...

Debian DLA-1522-1 : strongswan security update

Sze Yiu Chau and his team from Purdue University and The University of Iowa found several security issues in the gmp plugin for strongSwan, an IKE/IPsec suite. CVE-2018-16151 The OID parser in the ASN.1 code in gmp allows any number of random bytes after a valid OID. CVE-2018-16152 The...

Debian DSA-4305-1 : strongswan - security update

Sze Yiu Chau and his team from Purdue University and The University of Iowa found several issues in the gmp plugin for strongSwan, an IKE/IPsec suite. Problems in the parsing and verification of RSA signatures could lead to a Bleichenbacher-style low-exponent signature forgery in certificates and...