W1.fi Hostapd
21 CVEs affecting W1.fi Hostapd. Latest disclosed: 2017-10-17. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-13082 | High | 8.1 | 2017-10-17 | Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BS… |
CVE-2016-4476 | High | 7.5 | 2016-05-09 | hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to ca… |
CVE-2017-13086 | Medium | 6.8 | 2017-10-17 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an atta… |
CVE-2017-13084 | Medium | 6.8 | 2017-10-17 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an… |
CVE-2017-13077 | Medium | 6.8 | 2017-10-17 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an at… |
CVE-2017-13088 | Medium | 5.3 | 2017-10-17 | Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network… |
CVE-2017-13087 | Medium | 5.3 | 2017-10-17 | Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management… |
CVE-2017-13081 | Medium | 5.3 | 2017-10-17 | Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshak… |
CVE-2017-13080 | Medium | 5.3 | 2017-10-17 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio r… |
CVE-2017-13079 | Medium | 5.3 | 2017-10-17 | Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake… |
CVE-2017-13078 | Medium | 5.3 | 2017-10-17 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio ra… |
CVE-2015-8041 | | 2015-11-09 | Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (p… | |
CVE-2015-4146 | | 2015-06-15 | The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response… | |
CVE-2015-4145 | | 2015-06-15 | The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows… | |
CVE-2015-4144 | | 2015-06-15 | The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-L… | |
CVE-2015-4143 | | 2015-06-15 | The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds re… | |
CVE-2015-4142 | | 2015-06-15 | Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionalit… | |
CVE-2015-4141 | | 2015-06-15 | The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to c… | |
CVE-2014-3686 | | 2014-10-16 | wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote atta… | |
CVE-2012-4445 | | 2012-10-10 | Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1… |