Debian DSA-3397-1 : wpa - security update

Medium Nessus Plugin ID 86833

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in wpa_supplicant and hostapd. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2015-4141 Kostya Kortchinsky of the Google Security Team discovered a vulnerability in the WPS UPnP function with HTTP chunked transfer encoding which may result in a denial of service.

- CVE-2015-4142 Kostya Kortchinsky of the Google Security Team discovered a vulnerability in the WMM Action frame processing which may result in a denial of service.

- CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146 Kostya Kortchinsky of the Google Security Team discovered that EAP-pwd payload is not properly validated which may result in a denial of service.

- CVE-2015-5310 Jouni Malinen discovered a flaw in the WMM Sleep Mode Response frame processing. A remote attacker can take advantage of this flaw to mount a denial of service.

- CVE-2015-5314 CVE-2015-5315 Jouni Malinen discovered a flaw in the handling of EAP-pwd messages which may result in a denial of service.

- CVE-2015-5316 Jouni Malinen discovered a flaw in the handling of EAP-pwd Confirm messages which may result in a denial of service.

- CVE-2015-8041 Incomplete WPS and P2P NFC NDEF record payload length validation may result in a denial of service.

Solution

Upgrade the wpa packages.

For the oldstable distribution (wheezy), these problems have been fixed in version 1.0-3+deb7u3. The oldstable distribution (wheezy) is only affected by CVE-2015-4141, CVE-2015-4142, CVE-2015-4143 and CVE-2015-8041.

For the stable distribution (jessie), these problems have been fixed in version 2.3-1+deb8u3.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787371

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787372

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787373

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795740

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804707

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804708

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804710

https://security-tracker.debian.org/tracker/CVE-2015-4141

https://security-tracker.debian.org/tracker/CVE-2015-4142

https://security-tracker.debian.org/tracker/CVE-2015-4143

https://security-tracker.debian.org/tracker/CVE-2015-4144

https://security-tracker.debian.org/tracker/CVE-2015-4145

https://security-tracker.debian.org/tracker/CVE-2015-4146

https://security-tracker.debian.org/tracker/CVE-2015-5310

https://security-tracker.debian.org/tracker/CVE-2015-5314

https://security-tracker.debian.org/tracker/CVE-2015-5315

https://security-tracker.debian.org/tracker/CVE-2015-5316

https://security-tracker.debian.org/tracker/CVE-2015-8041

https://security-tracker.debian.org/tracker/CVE-2015-4141

https://security-tracker.debian.org/tracker/CVE-2015-4142

https://security-tracker.debian.org/tracker/CVE-2015-4143

https://security-tracker.debian.org/tracker/CVE-2015-8041

https://packages.debian.org/source/wheezy/wpa

https://packages.debian.org/source/jessie/wpa

https://www.debian.org/security/2015/dsa-3397

Plugin Details

Severity: Medium

ID: 86833

File Name: debian_DSA-3397.nasl

Version: 2.7

Type: local

Agent: unix

Published: 2015/11/11

Updated: 2018/11/10

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 5.9

Temporal Score: 5.2

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:wpa, cpe:/o:debian:debian_linux:7.0, cpe:/o:debian:debian_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/11/10

Reference Information

CVE: CVE-2015-4141, CVE-2015-4142, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146, CVE-2015-5310, CVE-2015-5314, CVE-2015-5315, CVE-2015-5316, CVE-2015-8041

DSA: 3397