CVE-2014-3686

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.

References

http://advisories.mageia.org/MGASA-2014-0429.html

http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00000.html

http://lists.opensuse.org/opensuse-updates/2014-10/msg00027.html

http://lists.opensuse.org/opensuse-updates/2014-10/msg00028.html

http://rhn.redhat.com/errata/RHSA-2014-1956.html

http://secunia.com/advisories/60366

http://secunia.com/advisories/60428

http://secunia.com/advisories/61271

http://w1.fi/security/2014-1/

http://www.debian.org/security/2014/dsa-3052

http://www.mandriva.com/security/advisories?name=MDVSA-2015:120

http://www.openwall.com/lists/oss-security/2014/10/09/28

http://www.securityfocus.com/bid/70396

http://www.ubuntu.com/usn/USN-2383-1

https://bugzilla.redhat.com/show_bug.cgi?id=1151259

https://security.gentoo.org/glsa/201606-17

Details

Source: MITRE

Published: 2014-10-16

Updated: 2016-07-27

Type: CWE-20

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:w1.fi:hostapd:0.7.2:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.72:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

Tenable Plugins

View all (20 total)

IDNameProductFamilySeverity
91862GLSA-201606-17 : hostapd and wpa_supplicant: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
84079SUSE SLED12 / SLES12 Security Update : wpa_supplicant (SUSE-SU-2015:1013-1)NessusSuSE Local Security Checks
medium
82373Mandriva Linux Security Advisory : wpa_supplicant (MDVSA-2015:120)NessusMandriva Local Security Checks
medium
82130Debian DLA-147-1 : wpasupplicant security updateNessusDebian Local Security Checks
medium
79872Slackware 13.37 / 14.0 / 14.1 / current : wpa_supplicant (SSA:2014-344-07)NessusSlackware Local Security Checks
medium
79726CentOS 7 : wpa_supplicant (CESA-2014:1956)NessusCentOS Local Security Checks
medium
79715Scientific Linux Security Update : wpa_supplicant on SL7.x x86_64 (20141203)NessusScientific Linux Local Security Checks
medium
79711RHEL 7 : wpa_supplicant (RHSA-2014:1956)NessusRed Hat Local Security Checks
medium
79709Oracle Linux 7 : wpa_supplicant (ELSA-2014-1956)NessusOracle Linux Local Security Checks
medium
79069Fedora 21 : wpa_supplicant-2.0-12.fc21 (2014-13537)NessusFedora Local Security Checks
medium
78905Fedora 20 : hostapd-2.3-1.fc20 (2014-13783)NessusFedora Local Security Checks
medium
78903Fedora 19 : hostapd-2.0-5.fc19 (2014-13778)NessusFedora Local Security Checks
medium
78868SuSE 11.3 Security Update : wpa_supplicant (SAT Patch Number 9894)NessusSuSE Local Security Checks
medium
78810Fedora 21 : hostapd-2.3-1.fc21 (2014-13608)NessusFedora Local Security Checks
medium
78731Mandriva Linux Security Advisory : wpa_supplicant (MDVSA-2014:211)NessusMandriva Local Security Checks
medium
78727Fedora 20 : wpa_supplicant-2.0-12.fc20 (2014-13555)NessusFedora Local Security Checks
medium
78637openSUSE Security Update : wpa_supplicant (openSUSE-SU-2014:1313-1)NessusSuSE Local Security Checks
medium
78636openSUSE Security Update : wpa_supplicant (openSUSE-SU-2014:1314-1)NessusSuSE Local Security Checks
medium
78519Debian DSA-3052-1 : wpa - security updateNessusDebian Local Security Checks
medium
78468Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS : wpa, wpasupplicant vulnerability (USN-2383-1)NessusUbuntu Local Security Checks
medium