12 matches found
SUSE: Security Advisory (SUSE-SU-2016:2305-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : wpa_supplicant (openSUSE-2016-1104)
This update for wpasupplicant fixes the following issues : - CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding. bnc930077 - CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing. bnc930078 - CVE-2015-4143: EAP-pwd missing payload length validation...
SUSE SLED12 / SLES12 Security Update : wpa_supplicant (SUSE-SU-2016:2305-1)
This update for wpasupplicant fixes the following issues : - CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding. bnc930077 - CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing. bnc930078 - CVE-2015-4143: EAP-pwd missing payload length validation...
Debian DSA-3397-1 : wpa - security update
Several vulnerabilities have been discovered in wpasupplicant and hostapd. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-4141 Kostya Kortchinsky of the Google Security Team discovered a vulnerability in the WPS UPnP function with HTTP chunked...
Ubuntu 14.04 LTS : wpa_supplicant and hostapd vulnerabilities (USN-2650-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2650-1 advisory. Kostya Kortchinsky discovered multiple flaws in wpasupplicant and hostapd. A remote attacker could use these issues to cause wpasupplicant or hostapd to...
Ubuntu: Security Advisory (USN-2650-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2650-1 wpa, wpasupplicant vulnerabilities
Kostya Kortchinsky discovered multiple flaws in wpasupplicant and hostapd. A remote attacker could use these issues to cause wpasupplicant or hostapd to crash, resulting in a denial of service. CVE-2015-4141, CVE-2015-4142, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146...
CVE-2015-4143
The EAP-pwd server and peer implementation in hostapd and wpasupplicant 1.0 through 2.4 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted 1 Commit or 2 Confirm message payload...
CVE-2015-4143
CVE-2015-4143 affects the EAP-pwd server/peer in hostapd and wpa_supplicant (versions 1.0–2.4), enabling remote denial of service via crafted payloads (Commit/Confirm). Root cause: missing payload length validation in EAP-pwd messages, causing out-of-bounds read and crash. Remediation: apply upda...
openSUSE Security Update : wpa-supplicant (openSUSE-2015-411)
wpasupplicant was updated to fix three security issues. The following vulnerabilities were fixed : CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding boo930077 CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing boo930078 CVE-2015-4143: EAP-pwd missing...
CVE-2015-4143
The EAP-pwd server and peer implementation in hostapd and wpasupplicant 1.0 through 2.4 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted 1 Commit or 2 Confirm message payload...
hostapd and wpa_supplicant -- multiple vulnerabilities
Jouni Malinen reports: WPS UPnP vulnerability with HTTP chunked transfer encoding. 2015-2 - CVE-2015-4141 Integer underflow in AP mode WMM Action frame processing. 2015-3 - CVE-2015-4142 EAP-pwd missing payload length validation. 2015-4 - CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146...