Download
| Alert*
oval:org.secpod.oval:def:89002753
This update for wpa_supplicant fixes the following issues: - CVE-2021-0326: P2P group information processing vulnerability . - CVE-2019-16275: AP mode PMF disconnection protection bypass oval:org.secpod.oval:def:117444 wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 . Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association ... oval:org.secpod.oval:def:117266 hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a "daemon" program that runs in the back-ground and acts as the ... oval:org.secpod.oval:def:117322 hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a "daemon" program that runs in the back-ground and acts as the ... oval:org.secpod.oval:def:117432 wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 . Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association ... oval:org.secpod.oval:def:117362 wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 . Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association ... oval:org.secpod.oval:def:604549 Two vulnerabilities were found in the WPA protocol implementation found in wpa_supplication and hostapd . CVE-2019-13377 A timing-based side-channel attack against WPA3"s Dragonfly handshake when using Brainpool curves could be used by an attacker to retrieve the password. CVE-2019-16275 Insufficie ... oval:org.secpod.oval:def:89000086 This update for wpa_supplicant fixes the following issues: Security issue fixed: - CVE-2019-16275: Fixed an AP mode PMF disconnection protection bypass . Non-security issues fixed: - Enable SAE support . - Limit P2P_DEVICE name to appropriate ifname size. - Fix wicked wlan - Restore fi.epitest.host ... oval:org.secpod.oval:def:705178 wpa: client support for WPA and WPA2 wpa_supplicant could be made to be disconnected and require reconnection to the network if it received a specially crafted management frame. oval:org.secpod.oval:def:59764 Wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF . The attacker must send a crafted 802.11 frame from a location that is within the 802.1 ... oval:org.secpod.oval:def:58885 wpa: client support for WPA and WPA2 wpa_supplicant could be made to be disconnected and require reconnection to the network if it received a specially crafted management frame. oval:org.secpod.oval:def:89000520 This update for wpa_supplicant fixes the following issues: wpa_supplicant was updated to 2.9 release: * SAE changes - disable use of groups using Brainpool curves - improved protection against side channel attacks [https://w1.fi/security/2019-6/] * EAP-pwd changes - disable use of groups using Brain ... oval:org.secpod.oval:def:59763 hostapd before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF . The attacker must send a crafted 802.11 frame from a location that is within the 802.11 commu ... oval:org.secpod.oval:def:69764 Two vulnerabilities were found in the WPA protocol implementation found in wpa_supplication and hostapd . CVE-2019-13377 A timing-based side-channel attack against WPA3"s Dragonfly handshake when using Brainpool curves could be used by an attacker to retrieve the password. CVE-2019-16275 Insufficie ... |