8 matches found
SUSE SLES12 Security Update : wpa_supplicant (SUSE-SU-2022:1853-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1853-1 advisory. - Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpasupplicant before 2.5 allow remote attackers to...
Advisory ROSA-SA-2021-1998
Software: wpasupplicant 2.6 OS: Cobalt 7.9 CVE-ID: CVE-2017-13084 CVE-Crit: MEDIUM CVE-DESC: Wi-Fi Protected Access WPA and WPA2 allows the Station-to-Station-Link STSL temporary key STK to be reassigned during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or...
Huawei EulerOS: Security Advisory for wpa_supplicant (EulerOS-SA-2020-1036)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1867-1] wpa security update
Package : wpa Version : 2.3-1+deb8u8 CVE ID : CVE-2019-9495 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499 CVE-2019-11555 Debian Bug : 927463 Several vulnerabilities were discovered in WPA supplicant / hostapd. Some of them could only partially be mitigated, please read below for details. CVE-2019-949...
Fedora 30 : hostapd (2019-28d3ca93d2)
Update to version 2.8 from upstream, Security fix for CVE-2019-11555 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 30 : 1:wpa_supplicant (2019-ff1b728d09)
upgrade to latest 2.8 version, that includes fix for CVE-2019-11555. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
CVE-2019-11555
CVE-2019-11555 concerns the EAP-pwd implementation in hostapd (EAP server) prior to 2.8 and wpa_supplicant (EAP peer) prior to 2.8, which does not validate fragmentation reassembly state for an unexpected fragment. This can cause a NULL pointer dereference and denial of service. The affected code...
UBUNTU-CVE-2019-11555
The EAP-pwd implementation in hostapd EAP server before 2.8 and wpasupplicant EAP peer before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference denial ...