14 matches found

Packet Storm News
added 2026/03/24 12:0 a.m. · 0 views

What a Mesh: Formal Security Analysis of WPA3 SAE Wireless Authentication

The latest Wi-Fi security standard, IEEE 802.11, includes a secure authentication protocol called SAE, whose use is mandatory for WPA3-Personal networks. The protocol is specified at two separate but linked levels: a traditional cryptographic description of the communication logic between network...

5.8 AI score
Exploits: 0

RedhatCVE
added 2025/02/05 12:31 a.m. · 5 views

CVE-2024-31470

There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful...

9.8 CVSS · 8.6 AI score · 0.04023 EPSS
Exploits: 0 · References: 1

OSV
added 2024/05/14 11:15 p.m. · 1 views

CVE-2024-31470

There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful...

9.8 CVSS · 6.8 AI score
Exploits: 0 · References: 2

SUSE CVE
added 2023/02/15 4:14 a.m. · 1 views

SUSE CVE-2019-9494

The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both...

5.9 CVSS · 6.9 AI score · 0.01518 EPSS
Exploits: 0 · References: 13

NCSC
added 2022/03/07 12:0 a.m. · 2 views

Fixed vulnerability in Wi-Fi SAE and EAP-pwd implementations

A vulnerability has been fixed in implementations of Simultaneous Authentication of Equals (SAE) and the Extensible Authentication Protocol (EAP) method EAP-pwd that are used in hostapd and wpa_supplicant. The vulnerability enables a malicious party with the ability to execute code on the system to gain acces...

9.8 CVSS · 9.1 AI score · 0.00403 EPSS
Exploits: 0

OSV
added 2022/01/17 2:15 a.m. · 4 views

AZL-7747 CVE-2022-23303 affecting package wpa_supplicant for versions less than 2.10-1

The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494...

9.8 CVSS · 7.2 AI score · 0.00403 EPSS
Exploits: 0 · References: 1

OSV
added 2022/01/17 2:15 a.m. · 1 views

DEBIAN-CVE-2022-23303

The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494...

9.8 CVSS · 8.1 AI score · 0.00403 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2022/01/16 12:0 a.m. · 2 views

PT-2022-5940 · Hostap +7 · Hostapd +7

Name of the Vulnerable Software and Affected Versions: hostapd versions prior to 2.10; wpa_supplicant versions prior to 2.10. Description: The issue is related to an incomplete fix, resulting in side channel attacks due to cache access patterns. This allows an attacker to potentially disclose...

10 CVSS · 6.3 AI score · 0.62412 EPSS
Exploits: 4 · References: 125

OSV
added 2021/09/27 5:15 p.m. · 2 views

CVE-2021-41753

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in D-Link DIR-X1560, v1.04B04, and DIR-X6060, v1.11B04 allows a remote unauthenticated attacker to disconnect a wireless client via sending specific spoofed SAE authentication frames...

7.5 CVSS · 5.8 AI score · 0.01061 EPSS
Exploits: 0 · References: 1

CNVD
added 2019/08/02 12:0 a.m. · 2 views

hostapd and wpa_supplicant information disclosure vulnerabilities

hostapd is a user space daemon for access points and authentication servers. wpa_supplicant is a cross-platform WPA request program. The program supports WEP, WPA, and WPA2, among others. An information disclosure vulnerability exists in the implementation of SAE and EAP-pwd in versions 2.x throug...

5.9 CVSS · 9 AI score · 0.0058 EPSS
Exploits: 0 · References: 1

OSV
added 2019/04/17 2:29 p.m. · 1 views

ALPINE-CVE-2019-9496

An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All versions of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate,...

7.5 CVSS · 6.8 AI score · 0.0487 EPSS
Exploits: 0 · References: 1

OSV
added 2019/04/17 2:29 p.m. · 2 views

ALPINE-CVE-2019-9494

The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both...

5.9 CVSS · 6.8 AI score · 0.01518 EPSS
Exploits: 0 · References: 1

Citrix
added 2017/05/12 12:0 a.m. · 4 views

Users get multiple OTP Push Notifications, Radius servers see multiple Auth requests & Auth Failures

Users will receive authentication denials, may receive multiple Push Notifications, Radius servers will log multiple simultaneous authentication requests for the same user with different Radius IDs, or user One Time Password tokens will become locked out. If you review traces, you will see multip...

7.4 AI score
Exploits: 0

UbuntuCve
added 2007/04/22 7:19 p.m. · 14 views

CVE-2007-2165

The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote attackers to bypass authentication, as...

5.1 CVSS · 6 AI score · 0.03779 EPSS
Exploits: 0 · References: 2