Buffer overflow in W1.fi Hostapd

CVE-2012-4445

Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a s…

Vulnerability class: Buffer Overflow

EPSS: 0.053 (90.2th percentile) — read the EPSS interpretation.

Affected products

W1.fi Hostapd — versions 0.6.0, 0.6.1, 0.6.2
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_MISC)
[oss-security] 20121008 [PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation (mailing-list, x_refsource_MLIST)
50805 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
DSA-2557 (vendor-advisory, x_refsource_DEBIAN)
1027808 (vdb-entry, x_refsource_SECTRACK)
MDVSA-2012:168 (vendor-advisory, x_refsource_MANDRIVA)
86051 (x_refsource_OSVDB, vdb-entry)
55826 (vdb-entry, x_refsource_BID)
FreeBSD-SA-12:07 (x_refsource_FREEBSD, vendor-advisory)