CVE-2015-1863

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.

References

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00000.html

http://packetstormsecurity.com/files/131598/Android-wpa_supplicant-Heap-Overflow.html

http://rhn.redhat.com/errata/RHSA-2015-1090.html

http://seclists.org/fulldisclosure/2015/Apr/82

http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.p1ECc3&id=19

http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt

http://www.debian.org/security/2015/dsa-3233

http://www.securityfocus.com/archive/1/535353/100/0/threaded

http://www.securityfocus.com/bid/74296

http://www.securitytracker.com/id/1032192

http://www.ubuntu.com/usn/USN-2577-1

https://security.gentoo.org/glsa/201606-17

Details

Source: MITRE

Published: 2015-04-28

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2

Base Score: 5.8

Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 6.5

Severity: MEDIUM

Tenable Plugins

View all (12 total)

IDNameProductFamilySeverity
104237openSUSE Security Update : hostapd (openSUSE-2017-1201) (KRACK)NessusSuSE Local Security Checks
high
91862GLSA-201606-17 : hostapd and wpa_supplicant: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
84198CentOS 7 : wpa_supplicant (CESA-2015:1090)NessusCentOS Local Security Checks
medium
84144Scientific Linux Security Update : wpa_supplicant on SL7.x x86_64 (20150611)NessusScientific Linux Local Security Checks
medium
84142RHEL 7 : wpa_supplicant (RHSA-2015:1090)NessusRed Hat Local Security Checks
medium
84138Oracle Linux 7 : wpa_supplicant (ELSA-2015-1090)NessusOracle Linux Local Security Checks
medium
84079SUSE SLED12 / SLES12 Security Update : wpa_supplicant (SUSE-SU-2015:1013-1)NessusSuSE Local Security Checks
medium
83373Slackware 14.0 / 14.1 / current : wpa_supplicant (SSA:2015-132-03)NessusSlackware Local Security Checks
medium
83230openSUSE Security Update : wpa_supplicant (openSUSE-2015-341)NessusSuSE Local Security Checks
medium
83082FreeBSD : wpa_supplicant -- P2P SSID processing vulnerability (cb9d2fcd-eb47-11e4-b03e-002590263bf5)NessusFreeBSD Local Security Checks
medium
83061Debian DSA-3233-1 : wpa - security updateNessusDebian Local Security Checks
medium
83052Ubuntu 14.04 LTS / 14.10 / 15.04 : wpa vulnerability (USN-2577-1)NessusUbuntu Local Security Checks
medium