14 matches found
openSUSE Security Update : hostapd (openSUSE-SU-2012:1371-1)
This patch validated the message length of EAP-TLS to avoid the potential DoS attack %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-718. The text description of this plugin is C...
FreeBSD Ports: FreeBSD
The remote host is missing an update to the system as announced in the referenced advisory. VID f115f693-36b2-11e2-a633-902b343deec9 OpenVAS Vulnerability Test $ Description: Auto generated from VID f115f693-36b2-11e2-a633-902b343deec9 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
FreeBSD Ports: FreeBSD
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD-SA-12:07.hostapd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:07.hostapd Security Advisory The FreeBSD Project Topic: Insufficient message length validation for EAP-TLS messages Category: contrib Module: wpa Announced:...
[ MDVSA-2012:168 ] hostapd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:168 http://www.mandriva.com/security/ Package : hostapd Date : October 22, 2012 Affected: 2011. Problem Description: Multiple vulnerabilities has been discovered and corrected in hostapd: hostapd 0.7.3, and...
Mandriva Update for hostapd MDVSA-2012:168 (hostapd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for hostapd FEDORA-2012-15759
Check for the Version of hostapd OpenVAS Vulnerability Test Fedora Update for hostapd FEDORA-2012-15759 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for hostapd FEDORA-2012-15759
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for hostapd FEDORA-2012-15748
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 16 : hostapd-0.7.3-10.fc16 (2012-15748)
EAP-TLS server: Fix TLS Message Length validation Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CVE-2012-4445
Heap-based buffer overflow in the eapservertlsprocessfragment function in eapservertlscommon.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service crash or abort via a small "TLS Message Length" value in an EAP-TLS message with the "Mor...
CVE-2012-4445
CVE-2012-4445 describes a heap-based buffer overflow in the hostapd EAP-TLS implementation (eap_server_tls_process_fragment) when processing a fragmented TLS message with a small TLS Message Length, allowing a remote attacker to trigger a denial of service. Affected are hostapd releases 0.6 throu...
CVE-2012-4445
Heap-based buffer overflow in the eapservertlsprocessfragment function in eapservertlscommon.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service crash or abort via a small "TLS Message Length" value in an EAP-TLS message with the "Mor...
[SECURITY] [DSA 2557-1] hostapd security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2557-1 [email protected] http://www.debian.org/security/ Nico Golde October 08, 2012 http://www.debian.org/security/faq -...