21 matches found
Advisory ROSA-SA-2024-2517
software: hostapd 2.9; WASP: ROSA-CHROME; packageevrstring: hostapd-2.9-3; CVE-ID: CVE-2019-16275; BDU-ID: 2019-04775; CVE-Crit: MEDIUM; CVE-DESC.: A vulnerability in the Wi-Fi WPA Supplicant secure access component is related to a flaw in the input validation mechanism. Exploitation of the...
CLSA-2024-1720026957 openssl: Fix of 2 CVEs
CVE-2023-0215: bio_ndef: fix a UAF resulting from a bug in BIO_new_NDEF - CVE-2023-0464: x509v3: Limit X.509 certificate tree size to avoid exponential use of computational resources...
RHEL 6 : wpa_supplicant (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - NetworkManager, wpa_supplicant: Improper x509v3 certificate and key file paths sanitization (CVE-2012-1096) ...
RHEL 4 : wpa_supplicant (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - NetworkManager, wpa_supplicant: Improper x509v3 certificate and key file paths sanitization (CVE-2012-1096) Note that...
GLSA-202309-16 : wpa_supplicant, hostapd: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202309-16 (wpa_supplicant, hostapd: Multiple Vulnerabilities) - In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. (CVE-2021-30004) - The...
Security Bulletin: IBM XIV Storage System Gen3 (CVE-2011-4619, CVE-2011-4576, CVE-2011-3210, CVE-2012-4829)
Abstract: Certain network-based attacks can cause the administration interface server to reboot (CVE-2011-4619 and CVE-2011-3210). Control data may be leaked from pad regions of cipher blocks (CVE-2011-4576). Also, Release 11.2 adds the ability for the client to install their own X509v3 certificate...
Mageia: Security Advisory (MGASA-2021-0254)
The remote host is missing an update for the...
Updated wpa_supplicant, hostapd packages fix security vulnerability
The wpa_supplicant and hostapd packages are updated to fix forging attacks that may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. (CVE-2021-30004)...
Forging Attack
wpa_supplicant is vulnerable to forging attacks. They may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c...
openSUSE Security Update : wpa_supplicant (openSUSE-2021-563)
This update for wpa_supplicant fixes the following issues: - CVE-2021-30004: Fixed an issue where forging attacks might have occurred because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c (bsc#1184348). This update was imported from the SUSE:SLE-15:Update update projec...
CVE-2021-30004
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c...
Design/Logic Flaw
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c...
CVE-2021-30004
CVE-2021-30004 concerns wpa_supplicant and hostapd 2.9 where forging attacks may occur due to mishandling of AlgorithmIdentifier parameters in tls/pkcs1.c and tls/x509v3.c. Connected advisories confirm the affected packages include wpa_supplicant and hostapd, with references noting that versions ...
openssl: Heap-buffer-overflow in X509v3_addr_get_afi
Project: https://github.com/openssl/openssl.git Detailed report: https://oss-fuzz.com/testcase?key=4519542728425472 Project: openssl Fuzzer: libFuzzer_openssl_x509 Fuzz target binary: x509 Job Type: libfuzzer_asan_openssl Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...
SSLsplit - transparent SSL/TLS interception
SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis and penetration testing. SSLsplit is designed to transparently terminate connections that are redirected to it using a...
[SSLsplit] Transparent and scalable SSL/TLS interception
SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original...