Уязвимость CVE-2016-4477

Пакет	Статус	Версия исправления	Релиз	Тип
wpa	fixed	2.3-2.4		package
wpa	fixed	2.3-1+deb8u4	jessie	package

CVE-2016-4477

CVSS3: 7.8

ubuntu

больше 9 лет назад

wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.

CVE-2016-4477

CVSS3: 7

redhat

почти 10 лет назад

wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.

CVE-2016-4477

CVSS3: 7.8

nvd

больше 9 лет назад

wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.

GHSA-3wj5-xm6v-9hmq

CVSS3: 7.8

github

больше 3 лет назад

wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.

exploitDog

CVE-2016-4477

Описание

Пакеты

Примечания

Связанные уязвимости