Download
| Alert*
oval:org.secpod.oval:def:601812
wpasupplicant is installed oval:org.secpod.oval:def:52625 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant and hostapd. oval:org.secpod.oval:def:52506 wpa: client support for WPA and WPA2 - wpasupplicant: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:602277 Several vulnerabilities have been discovered in wpa_supplicant and hostapd. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-4141 Kostya Kortchinsky of the Google Security Team discovered a vulnerability in the WPS UPnP function with HTTP chunked transfer ... oval:org.secpod.oval:def:601803 Jouni Malinen discovered an input sanitization issue in the wpa_cli and hostapd_cli tools included in the wpa package. A remote wifi system within range could provide a crafted string triggering arbitrary code execution running with privileges of the affected wpa_cli or hostapd_cli process. oval:org.secpod.oval:def:52325 wpa: client support for WPA and WPA2 - wpasupplicant: client support for WPA and WPA2 wpa_supplicant could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:52460 wpa: client support for WPA and WPA2 wpa_supplicant could be made to crash, expose memory, or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:602065 The Google security team and the smart hardware research group of Alibaba security team discovered a flaw in how wpa_supplicant used SSID information when creating or updating P2P peer entries. A remote attacker can use this flaw to cause wpa_supplicant to crash, expose memory contents, and potentia ... oval:org.secpod.oval:def:70406 wpa: client support for WPA and WPA2 wpa_supplicant could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702612 wpa: client support for WPA and WPA2 - wpasupplicant: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:702259 wpa: client support for WPA and WPA2 - wpasupplicant: client support for WPA and WPA2 wpa_supplicant could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702517 wpa: client support for WPA and WPA2 wpa_supplicant could be made to crash, expose memory, or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702836 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant and hostapd. oval:org.secpod.oval:def:54399 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant and hostapd. oval:org.secpod.oval:def:55018 wpa: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:54400 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant and hostapd. oval:org.secpod.oval:def:54504 Mathy Vanhoef and Eyal Ronen found multiple vulnerabilities in the WPA implementation found in wpa_supplication and hostapd . These vulnerability are also collectively known as "Dragonblood". CVE-2019-9495 Cache-based side-channel attack against the EAP-pwd implementation: an attacker a ... oval:org.secpod.oval:def:54266 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant and hostapd. oval:org.secpod.oval:def:55306 A vulnerability was found in the WPA protocol implementation found in wpa_supplication and hostapd . The EAP-pwd implementation in hostapd and wpa_supplicant doesn"t properly validate fragmentation reassembly state when receiving an unexpected fragment. This could lead to a process crash due to a ... oval:org.secpod.oval:def:705118 wpa: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to expose sensitive information over the network. oval:org.secpod.oval:def:1902119 In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 ... oval:org.secpod.oval:def:603929 A vulnerability was found in the WPA protocol implementation found in wpa_supplication and hostapd . The EAP-pwd implementation in hostapd and wpa_supplicant doesn"t properly validate fragmentation reassembly state when receiving an unexpected fragment. This could lead to a process crash due to a ... oval:org.secpod.oval:def:1901960 The EAP-pwd implementation in hostapd before 2.8 and wpasupplicant_supplicant before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference . This affects ea ... oval:org.secpod.oval:def:54577 wpa: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:51919 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant. oval:org.secpod.oval:def:703860 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant. oval:org.secpod.oval:def:53155 Mathy Vanhoef of the imec-DistriNet research group of KU Leuven discovered multiple vulnerabilities in the WPA protocol, used for authentication in wireless networks. Those vulnerabilities applies to both the access point and the station . An attacker exploiting the vulnerabilities could force the ... oval:org.secpod.oval:def:603131 Mathy Vanhoef of the imec-DistriNet research group of KU Leuven discovered multiple vulnerabilities in the WPA protocol, used for authentication in wireless networks. Those vulnerabilities applies to both the access point and the station . An attacker exploiting the vulnerabilities could force the ... oval:org.secpod.oval:def:704288 wpa: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to expose sensitive information if it received a crafted message. oval:org.secpod.oval:def:51107 wpa: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to expose sensitive information if it received a crafted message. oval:org.secpod.oval:def:704884 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant and hostapd. oval:org.secpod.oval:def:603848 Mathy Vanhoef and Eyal Ronen found multiple vulnerabilities in the WPA implementation found in wpa_supplication and hostapd . These vulnerability are also collectively known as Dragonblood. CVE-2019-9495 Cache-based side-channel attack against the EAP-pwd implementation: an attacker able to run u ... oval:org.secpod.oval:def:1901728 hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random function call. oval:org.secpod.oval:def:705178 wpa: client support for WPA and WPA2 wpa_supplicant could be made to be disconnected and require reconnection to the network if it received a specially crafted management frame. oval:org.secpod.oval:def:604549 Two vulnerabilities were found in the WPA protocol implementation found in wpa_supplication and hostapd . CVE-2019-13377 A timing-based side-channel attack against WPA3"s Dragonfly handshake when using Brainpool curves could be used by an attacker to retrieve the password. CVE-2019-16275 Insufficie ... oval:org.secpod.oval:def:58885 wpa: client support for WPA and WPA2 wpa_supplicant could be made to be disconnected and require reconnection to the network if it received a specially crafted management frame. oval:org.secpod.oval:def:69764 Two vulnerabilities were found in the WPA protocol implementation found in wpa_supplication and hostapd . CVE-2019-13377 A timing-based side-channel attack against WPA3"s Dragonfly handshake when using Brainpool curves could be used by an attacker to retrieve the password. CVE-2019-16275 Insufficie ... oval:org.secpod.oval:def:705921 wpa: client support for WPA and WPA2 wpa_supplicant could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:602056 The Google security team and the smart hardware research group of Alibaba security team discovered a flaw in how wpa_supplicant used SSID information when creating or updating P2P peer entries. A remote attacker can use this flaw to cause wpa_supplicant to crash, expose memory contents, and potentia ... oval:org.secpod.oval:def:70382 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant and hostapd. oval:org.secpod.oval:def:605500 Several vulnerabilities have been discovered in wpa_supplicant and hostapd. CVE-2020-12695 It was discovered that hostapd does not properly handle UPnP subscribe messages under certain conditions, allowing an attacker to cause a denial of service. CVE-2021-0326 It was discovered that wpa_supplicant ... |