The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow.
http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html
http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt
http://www.debian.org/security/2015/dsa-3397
http://www.openwall.com/lists/oss-security/2015/05/09/4
http://www.openwall.com/lists/oss-security/2015/05/31/6
OR
cpe:2.3:a:w1.fi:wpa_supplicant:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*
OR
cpe:2.3:a:w1.fi:hostapd:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*
OR
ID | Name | Product | Family | Severity |
---|---|---|---|---|
143627 | SUSE SLED15 / SLES15 Security Update : wpa_supplicant (SUSE-SU-2020:3380-1) (KRACK) | Nessus | SuSE Local Security Checks | medium |
143321 | openSUSE Security Update : wpa_supplicant (openSUSE-2020-2053) (KRACK) | Nessus | SuSE Local Security Checks | medium |
143304 | openSUSE Security Update : wpa_supplicant (openSUSE-2020-2059) (KRACK) | Nessus | SuSE Local Security Checks | medium |
104237 | openSUSE Security Update : hostapd (openSUSE-2017-1201) (KRACK) | Nessus | SuSE Local Security Checks | medium |
93700 | openSUSE Security Update : wpa_supplicant (openSUSE-2016-1104) | Nessus | SuSE Local Security Checks | medium |
93507 | SUSE SLED12 / SLES12 Security Update : wpa_supplicant (SUSE-SU-2016:2305-1) | Nessus | SuSE Local Security Checks | medium |
91862 | GLSA-201606-17 : hostapd and wpa_supplicant: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | medium |
87279 | SUSE SLED11 / SLES11 Security Update : wpa_supplicant (SUSE-SU-2015:2221-1) | Nessus | SuSE Local Security Checks | medium |
86833 | Debian DSA-3397-1 : wpa - security update | Nessus | Debian Local Security Checks | medium |
84230 | Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : wpa, wpasupplicant vulnerabilities (USN-2650-1) | Nessus | Ubuntu Local Security Checks | medium |
84183 | openSUSE Security Update : wpa-supplicant (openSUSE-2015-411) | Nessus | SuSE Local Security Checks | medium |
83964 | FreeBSD : hostapd and wpa_supplicant -- multiple vulnerabilities (bbc0db92-084c-11e5-bb90-002590263bf5) | Nessus | FreeBSD Local Security Checks | medium |