Search Results (Refine Search)
- CPE Product Version: cpe:/a:w1.fi:hostapd:0.7.3
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-13079 |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients. Published: October 17, 2017; 9:29:00 AM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.9 LOW |
CVE-2017-13078 |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. Published: October 17, 2017; 9:29:00 AM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.9 LOW |
CVE-2017-13077 |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Published: October 16, 2017; 10:29:00 PM -0400 |
V3.0: 6.8 MEDIUM V2.0: 5.4 MEDIUM |
CVE-2016-4476 |
hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation. Published: May 09, 2016; 6:59:41 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2015-8041 |
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read. Published: November 09, 2015; 11:59:10 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-4142 |
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read. Published: June 15, 2015; 11:59:06 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-4141 |
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow. Published: June 15, 2015; 11:59:05 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2012-4445 |
Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "More Fragments" flag set. Published: October 10, 2012; 2:55:04 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2012-2389 |
hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials. Published: June 21, 2012; 11:55:12 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |