Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hostapd
(W1\.fi)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 38 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2015-06-15 | CVE-2015-4143 | The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload. | Opensuse, Hostapd, Wpa_supplicant | N/A | ||
| 2015-06-15 | CVE-2015-4141 | The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow. | Opensuse, Hostapd, Wpa_supplicant | N/A | ||
| 2014-10-15 | CVE-2014-3686 | wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame. | Ubuntu_linux, Debian_linux, Hostapd, Wpa_supplicant | N/A | ||
| 2012-06-21 | CVE-2012-2389 | hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials. | Hostapd | N/A |