Mandriva Linux Security Advisory : hostapd (MDVSA-2012:168)

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing a security update.

Description :

Multiple vulnerabilities has been discovered and corrected in
hostapd :

hostapd 0.7.3, and possibly other versions before 1.0, uses 0644
permissions for /etc/hostapd/hostapd.conf, which might allow local
users to obtain sensitive information such as credentials
(CVE-2012-2389).

Heap-based buffer overflow in the eap_server_tls_process_fragment
function in eap_server_tls_common.c in the EAP authentication server
in hostapd 0.6 through 1.0 allows remote attackers to cause a denial
of service (crash or abort) via a small TLS Message Length value in an
EAP-TLS message with the More Fragments flag set (CVE-2012-4445).

The updated packages have been patched to correct these issues.

Solution :

Update the affected hostapd package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 62659 ()

Bugtraq ID: 54093
55826

CVE ID: CVE-2012-2389
CVE-2012-4445

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now