Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-4144

Опубликовано: 15 июн. 2015
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5

Описание

The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message.

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

precise

not-affected

code not present
trusty

DNE

trusty/esm

DNE

upstream

pending

2.5
utopic

DNE

vivid

DNE

Показывать по

РелизСтатусПримечание
devel

released

2.1-0ubuntu8
esm-infra-legacy/trusty

released

2.1-0ubuntu1.3
precise

DNE

trusty

released

2.1-0ubuntu1.3
trusty/esm

released

2.1-0ubuntu1.3
upstream

pending

2.5
utopic

released

2.1-0ubuntu4.2
vivid

released

2.1-0ubuntu7.2
vivid/stable-phone-overlay

released

2.1-0ubuntu7.2
vivid/ubuntu-core

released

2.1-0ubuntu7.2

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

precise

not-affected

code not present
trusty

DNE

trusty/esm

DNE

upstream

pending

2.5
utopic

DNE

vivid

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 79%
0.01205
Низкий

5 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2015-4144

redhat
почти 11 лет назад

The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message.

nvd логотип

CVE-2015-4144

nvd
больше 10 лет назад

The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message.

debian логотип

CVE-2015-4144

debian
больше 10 лет назад

The EAP-pwd server and peer implementation in hostapd and wpa_supplica ...

github логотип

GHSA-c7g5-57m7-29v3

github
больше 3 лет назад

The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message.

fstec логотип

BDU:2015-12095

fstec
больше 10 лет назад

Уязвимость операционной системы openSUSE, клиента защищённого доступа Wi-Fi WPA Supplicant, программной точки доступа Jouni Malinen Hostapd, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 79%
0.01205
Низкий

5 Medium

CVSS2

Уязвимость CVE-2015-4144