RedHat Update for wpa_supplicant RHSA-2015:1090-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

hostapd: integer underflow in AP mode WMM Action frame processing

An integer underflow flaw, leading to a buffer over-read, was found in the way wpasupplicant handled WMM Action frames. A specially crafted frame could possibly allow an attacker within Wi-Fi radio range to cause wpasupplicant to crash...

Important: Red Hat Security Advisory: wpa_supplicant security and enhancement update

An updated wpasupplicant package that fixes two security issues and adds one enhancement is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

wpa_supplicant security and enhancement update

1:2.0-17 - AP WMM: Fix integer underflow in WMM Action frame parser rh 1221178 rh 1222015 1:2.0-16 - P2P: Validate SSID element length before copying it CVE-2015-1863 1:2.0-15 - Add domainmatch config option from upstream rh 1178263 - Include peer certificate in EAP events for use by clients...

CVE-2015-4021

The CVE-2015-4021 vulnerability affects PHP’s phar_parse_tarfile (ext/phar/tar.c) in versions before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9. It does not verify that the first character of a filename differs from the NULL byte, allowing a crafted tar entry to trigger an integer underf...

EUVD-2015-4049

The pharparsetarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service integer underflow and memory...

Amazon Linux AMI : php54 (ALAS-2015-534)

An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. CVE-2015-4021 An integer overflow flaw leading to a heap based...

Amazon Linux AMI : php56 (ALAS-2015-536)

An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. CVE-2015-4021 An integer overflow flaw leading to a heap based...

Amazon Linux AMI : php55 (ALAS-2015-535)

An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. CVE-2015-4021 An integer overflow flaw leading to a heap based...

FreeBSD : hostapd and wpa_supplicant -- multiple vulnerabilities (bbc0db92-084c-11e5-bb90-002590263bf5)

Jouni Malinen reports : WPS UPnP vulnerability with HTTP chunked transfer encoding. 2015-2 - CVE-2015-4141 Integer underflow in AP mode WMM Action frame processing. 2015-3 - CVE-2015-4142 EAP-pwd missing payload length validation. 2015-4 - CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-414...

Important: php56

Issue Overview: An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. CVE-2015-4021 An integer overflow flaw leading to...

Medium: php55

Issue Overview: An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. CVE-2015-4021 An integer overflow flaw leading to...

Important: php54

Issue Overview: An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. CVE-2015-4021 An integer overflow flaw leading to...

CVE-2015-4142

Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpasupplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service crash via a crafted frame, which triggers an out-of-bounds read...

PHP phar_parse_tarfile() function integer underflow vulnerability

PHP is a general-purpose web programming language. An integer underflow vulnerability exists in the PHP pharparsetarfile function, which allows remote attackers to construct a special Phar file that can be parsed by an application to trigger an overflow and execute arbitrary code...

Fedora 20 : hostapd-2.4-2.fc20 (2015-8386)

Security update for integer underflow in AP mode WMM Action frame processing. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 21 : hostapd-2.4-2.fc21 (2015-8336)

Security update for integer underflow in AP mode WMM Action frame processing. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 22 : hostapd-2.4-2.fc22 (2015-8303)

Security update for integer underflow in AP mode WMM Action frame processing. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

hostapd and wpa_supplicant -- multiple vulnerabilities

Jouni Malinen reports: WPS UPnP vulnerability with HTTP chunked transfer encoding. 2015-2 - CVE-2015-4141 Integer underflow in AP mode WMM Action frame processing. 2015-3 - CVE-2015-4142 EAP-pwd missing payload length validation. 2015-4 - CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146...

Medium: unzip

Issue Overview: A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip's '-t' option. CVE-2014-9636 A buffer overflow flaw was...