6 matches found
CVE-2015-5314
CVE-2015-5314 affects hostapd 2.x up to version before 2.6, where eap_pwd_process in eap_server_pwd.c does not validate that the reassembly buffer is large enough for the final EAP-pwd fragment when using an internal EAP server or a RADIUS server. This can allow remote attackers to trigger a deni...
CVE-2015-5314
The eappwdprocess function in eapserver/eapserverpwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with 1 an internal EAP server or 2 a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote...
Debian DSA-3397-1 : wpa - security update
Several vulnerabilities have been discovered in wpasupplicant and hostapd. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-4141 Kostya Kortchinsky of the Google Security Team discovered a vulnerability in the WPS UPnP function with HTTP chunked...
Ubuntu 14.04 LTS : wpa_supplicant and hostapd vulnerabilities (USN-2808-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2808-1 advisory. It was discovered that wpasupplicant incorrectly handled WMM Sleep Mode Response frame processing. A remote attacker could use this issue to perform...
Ubuntu: Security Advisory (USN-2808-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2808-1: wpa_supplicant and hostapd vulnerabilities
It was discovered that wpasupplicant incorrectly handled WMM Sleep Mode Response frame processing. A remote attacker could use this issue to perform broadcast/multicast packet injections, or cause a denial of service. CVE-2015-5310 It was discovered that wpasupplicant and hostapd incorrectly...