Cpe Name:
cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2015-8041 |
189 |
|
DoS Overflow |
2015-11-09 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read. |
2 |
CVE-2015-5315 |
119 |
|
DoS Overflow |
2018-02-21 |
2018-03-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message. |
3 |
CVE-2015-5314 |
119 |
|
DoS Overflow |
2018-02-21 |
2018-03-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message. |
Total number of vulnerabilities :
3
Page :
1
(This Page)