FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

hostapd and wpa_supplicant -- multiple vulnerabilities

Affected packages
wpa_supplicant < 2.5_1
hostapd < 2.6

Details

VuXML ID 976567f6-05c5-11e6-94fa-002590263bf5
Discovery 2015-11-10
Entry 2016-04-19
Modified 2017-03-22

Jouni Malinen reports:

wpa_supplicant unauthorized WNM Sleep Mode GTK control. (2015-6 - CVE-2015-5310)

[source]

EAP-pwd missing last fragment length validation. (2015-7 - CVE-2015-5315)

[source]

EAP-pwd peer error path failure on unexpected Confirm message. (2015-8 - CVE-2015-5316)

[source]

References

CVE Name CVE-2015-5310
CVE Name CVE-2015-5315
CVE Name CVE-2015-5316
FreeBSD PR ports/208482
URL http://w1.fi/security/2015-6/wpa_supplicant-unauthorized-wnm-sleep-mode-gtk-control.txt
URL http://w1.fi/security/2015-7/eap-pwd-missing-last-fragment-length-validation.txt
URL http://w1.fi/security/2015-8/eap-pwd-unexpected-confirm.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.