Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2015/11/11 12:0 a.m.40 views

Debian DSA-3397-1 : wpa - security update

Several vulnerabilities have been discovered in wpasupplicant and hostapd. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-4141 Kostya Kortchinsky of the Google Security Team discovered a vulnerability in the WPS UPnP function with HTTP chunked...

5.9CVSS6.1AI score0.04198EPSS
Exploits0References36
Tenable Nessus
Tenable Nessus
added 2015/06/17 12:0 a.m.33 views

Ubuntu 14.04 LTS : wpa_supplicant and hostapd vulnerabilities (USN-2650-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2650-1 advisory. Kostya Kortchinsky discovered multiple flaws in wpasupplicant and hostapd. A remote attacker could use these issues to cause wpasupplicant or hostapd to...

5CVSS6.2AI score0.04198EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2015/06/17 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-2650-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.2AI score0.04198EPSS
Exploits0References2
OSV
OSV
added 2015/06/16 5:21 p.m.4 views

USN-2650-1 wpa, wpasupplicant vulnerabilities

Kostya Kortchinsky discovered multiple flaws in wpasupplicant and hostapd. A remote attacker could use these issues to cause wpasupplicant or hostapd to crash, resulting in a denial of service. CVE-2015-4141, CVE-2015-4142, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146...

5CVSS6.5AI score0.04198EPSS
Exploits0References7
NVD
NVD
added 2015/06/15 3:59 p.m.16 views

CVE-2015-4146

The EAP-pwd peer implementation in hostapd and wpasupplicant 1.0 through 2.4 does not clear the L Length and M More flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service crash via a crafted message...

5CVSS5.5AI score0.0348EPSS
Exploits0References8
OSV
OSV
added 2015/06/15 3:59 p.m.5 views

CVE-2015-4146

The EAP-pwd peer implementation in hostapd and wpasupplicant 1.0 through 2.4 does not clear the L Length and M More flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service crash via a crafted message...

5.5AI score
Exploits0References8
CVE
CVE
added 2015/06/15 3:0 p.m.99 views

CVE-2015-4146

The CVE-2015-4146 entry affects hostapd and wpa_supplicant (versions 1.0–2.4) via the EAP-pwd peer implementation. The root cause is that L and M flags are not cleared before fragmentation decisions, enabling remote attackers to trigger a denial of service (crash) with a crafted message. Public d...

5CVSS5.3AI score0.0348EPSS
Exploits0References8Affected Software1
FreeBSD
FreeBSD
added 2015/05/04 12:0 a.m.45 views

hostapd and wpa_supplicant -- multiple vulnerabilities

Jouni Malinen reports: WPS UPnP vulnerability with HTTP chunked transfer encoding. 2015-2 - CVE-2015-4141 Integer underflow in AP mode WMM Action frame processing. 2015-3 - CVE-2015-4142 EAP-pwd missing payload length validation. 2015-4 - CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146...

5CVSS7.1AI score0.04198EPSS
Exploits0References4
Rows per page
Query Builder