Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-4445
HistoryOct 10, 2012 - 12:00 a.m.

CVE-2012-4445

2012-10-1000:00:00
ubuntu.com
ubuntu.com
7

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.082 Low

EPSS

Percentile

94.3%

JSON

Heap-based buffer overflow in the eap_server_tls_process_fragment function
in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6
through 1.0 allows remote attackers to cause a denial of service (crash or
abort) via a small “TLS Message Length” value in an EAP-TLS message with
the “More Fragments” flag set.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu11.04noarchhostapd< 0.6.10-2+squeeze1build0.11.04.1UNKNOWN
ubuntu12.04noarchhostapd< 1:0.7.3-4ubuntu1.1UNKNOWN

Related

openvas 10
fedora 3
nessus 7
prion 1
osv 1
securityvulns 5
debian 1
freebsd 1
cve 1
freebsd_advisory 1
debiancve 1
openvas
openvas
Fedora Update for hostapd FEDORA-2012-15759
2012-10-19 00:00:00
Fedora Update for hostapd FEDORA-2012-15748
2012-10-19 00:00:00
FreeBSD Ports: FreeBSD
2012-11-26 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: hostapd-0.7.3-10.fc17
2012-10-18 00:32:53
[SECURITY] Fedora 16 Update: hostapd-0.7.3-10.fc16
2012-10-18 00:28:50
[SECURITY] Fedora 18 Update: hostapd-1.0-3.fc18
2012-10-13 02:59:33
nessus
nessus
Fedora 16 : hostapd-0.7.3-10.fc16 (2012-15748)
2012-10-18 00:00:00
openSUSE Security Update : hostapd (openSUSE-SU-2012:1371-1)
2014-06-13 00:00:00
Debian DSA-2557-1 : hostapd - buffer overflow
2012-10-09 00:00:00
prion
prion
Heap overflow
2012-10-10 18:55:00
osv
osv
hostapd - denial of service
2012-10-08 00:00:00
securityvulns
securityvulns
[PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation
2012-10-10 00:00:00
[SECURITY] [DSA 2557-1] hostapd security update
2012-10-10 00:00:00
hostapd buffer overflow
2012-10-10 00:00:00
debian
debian
[SECURITY] [DSA 2557-1] hostapd security update
2012-10-08 08:41:48
freebsd
freebsd
FreeBSD -- Insufficient message length validation for EAP-TLS messages
2012-11-22 00:00:00
cve
cve
CVE-2012-4445
2012-10-10 18:55:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-12:07.hostapd
2012-11-22 00:00:00
debiancve
debiancve
CVE-2012-4445
2012-10-10 18:55:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.082 Low

EPSS

Percentile

94.3%

JSON
Related for UB:CVE-2012-4445
openvas10fedora3nessus7prion1osv1securityvulns5debian1freebsd1cve1freebsd_advisory1debiancve1