15 matches found
SUSE: Security Advisory (SUSE-SU-2015:2221-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2305-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : wpa_supplicant (openSUSE-2016-1104)
This update for wpasupplicant fixes the following issues : - CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding. bnc930077 - CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing. bnc930078 - CVE-2015-4143: EAP-pwd missing payload length validation...
SUSE SLED12 / SLES12 Security Update : wpa_supplicant (SUSE-SU-2016:2305-1)
This update for wpasupplicant fixes the following issues : - CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding. bnc930077 - CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing. bnc930078 - CVE-2015-4143: EAP-pwd missing payload length validation...
SUSE SLED11 / SLES11 Security Update : wpa_supplicant (SUSE-SU-2015:2221-1)
wpasupplicant was updated to fix two security issues. These security issues were fixed : - CVE-2015-4142: Integer underflow in the WMM Action frame parser in hostapd and wpasupplicant, when used for AP mode MLME/SME functionality, allowed remote attackers to cause a denial of service crash via a...
SUSE-SU-2015:2221-1 Security update for wpa_supplicant
wpasupplicant was updated to fix two security issues. These security issues were fixed: - CVE-2015-4142: Integer underflow in the WMM Action frame parser in hostapd and wpasupplicant, when used for AP mode MLME/SME functionality, allowed remote attackers to cause a denial of service crash via a...
Debian DSA-3397-1 : wpa - security update
Several vulnerabilities have been discovered in wpasupplicant and hostapd. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-4141 Kostya Kortchinsky of the Google Security Team discovered a vulnerability in the WPS UPnP function with HTTP chunked...
Ubuntu 14.04 LTS : wpa_supplicant and hostapd vulnerabilities (USN-2650-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2650-1 advisory. Kostya Kortchinsky discovered multiple flaws in wpasupplicant and hostapd. A remote attacker could use these issues to cause wpasupplicant or hostapd to...
Ubuntu: Security Advisory (USN-2650-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2650-1 wpa, wpasupplicant vulnerabilities
Kostya Kortchinsky discovered multiple flaws in wpasupplicant and hostapd. A remote attacker could use these issues to cause wpasupplicant or hostapd to crash, resulting in a denial of service. CVE-2015-4141, CVE-2015-4142, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146...
CVE-2015-4141
The WPS UPnP function in hostapd, when using WPS AP, and wpasupplicant, when using WPS external registrar ER, 0.7.0 through 2.4 allows remote attackers to cause a denial of service crash via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow...
CVE-2015-4141
The WPS UPnP function in hostapd, when using WPS AP, and wpasupplicant, when using WPS external registrar ER, 0.7.0 through 2.4 allows remote attackers to cause a denial of service crash via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow...
CVE-2015-4141
CVE-2015-4141 affects the WPS UPnP function in hostapd (WPS AP) and wpa_supplicant (WPS external registrar ER), with versions 0.7.0–2.4. The issue is a negative chunk length in HTTP chunked transfer encoding that enables an out-of-bounds read or heap-based buffer overflow, potentially leading to ...
openSUSE Security Update : wpa-supplicant (openSUSE-2015-411)
wpasupplicant was updated to fix three security issues. The following vulnerabilities were fixed : CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding boo930077 CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing boo930078 CVE-2015-4143: EAP-pwd missing...
hostapd and wpa_supplicant -- multiple vulnerabilities
Jouni Malinen reports: WPS UPnP vulnerability with HTTP chunked transfer encoding. 2015-2 - CVE-2015-4141 Integer underflow in AP mode WMM Action frame processing. 2015-3 - CVE-2015-4142 EAP-pwd missing payload length validation. 2015-4 - CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146...