CVSS: 8.1EPSS: 1%CPEs: 28EXPL: 0CVE-2019-9498 – The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit
https://notcve.org/view.php?id=CVE-2019-9498
11 Apr 2019 — The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html • CWE-287: Improper Authentication CWE-346: Origin Validation Error •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2015-8041 – Debian Security Advisory 3397-1
https://notcve.org/view.php?id=CVE-2015-8041
09 Nov 2015 — Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read. Múltiples desbordamientos de entero en el analizador de registro NDEF en hostapd en versiones anteriores a 2.5 y wpa_supplicant en versiones anteriores a 2.5 permite a atacantes remotos causar una denega... • http://lists.opensuse.org/opensuse-updates/2015-11/msg00037.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6025
https://notcve.org/view.php?id=CVE-2007-6025
19 Nov 2007 — Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 and earlier allows remote attackers to cause a denial of service (crash) via crafted TSF data. Desbordamiento de búfer en driver_wext.c de wpa_supplicant 0.6.0 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) mediante datos TSF manipulados. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442387 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2005-0470
https://notcve.org/view.php?id=CVE-2005-0470
19 Feb 2005 — Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data. • http://lists.shmoo.com/pipermail/hostap/2005-February/009465.html •