6 matches found
Debian DSA-3397-1 : wpa - security update
Several vulnerabilities have been discovered in wpasupplicant and hostapd. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-4141 Kostya Kortchinsky of the Google Security Team discovered a vulnerability in the WPS UPnP function with HTTP chunked...
Ubuntu 14.04 LTS : wpa_supplicant and hostapd vulnerabilities (USN-2650-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2650-1 advisory. Kostya Kortchinsky discovered multiple flaws in wpasupplicant and hostapd. A remote attacker could use these issues to cause wpasupplicant or hostapd to...
Ubuntu: Security Advisory (USN-2650-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2650-1 wpa, wpasupplicant vulnerabilities
Kostya Kortchinsky discovered multiple flaws in wpasupplicant and hostapd. A remote attacker could use these issues to cause wpasupplicant or hostapd to crash, resulting in a denial of service. CVE-2015-4141, CVE-2015-4142, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146...
CVE-2015-4145
CVE-2015-4145 affects hostapd and wpa_supplicant (versions 1.0–2.4). The issue is in the EAP-pwd server/peer handling where a crafted message can cause a denial of service via a memory leak by not validating that a fragment is already being processed and by failing to validate payload length. Pub...
hostapd and wpa_supplicant -- multiple vulnerabilities
Jouni Malinen reports: WPS UPnP vulnerability with HTTP chunked transfer encoding. 2015-2 - CVE-2015-4141 Integer underflow in AP mode WMM Action frame processing. 2015-3 - CVE-2015-4142 EAP-pwd missing payload length validation. 2015-4 - CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146...