Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4445

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-4445
Last Modified 17 Aug 2013 02:48:56
Published 10 Oct 2012 02:55:04
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4445

Summary

Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "More Fragments" flag set.

Vulnerable Systems

Application

  • W1.fi Hostapd 0.6.0

  • W1.fi Hostapd 0.6.1

  • W1.fi Hostapd 0.6.2

  • W1.fi Hostapd 0.6.3

  • W1.fi Hostapd 0.6.4

  • W1.fi Hostapd 0.6.5

  • W1.fi Hostapd 0.6.6

  • W1.fi Hostapd 0.6.7

  • W1.fi Hostapd 0.7.0

  • W1.fi Hostapd 0.7.1

  • W1.fi Hostapd 0.7.2

  • W1.fi Hostapd 0.7.3

  • W1.fi Hostapd 1.0


References

BID - 55826

MISC - http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt

MLIST - [oss-security] 20121008 [PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation

DEBIAN - DSA-2557

CONFIRM - http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff;h=586c446e0ff42ae00315b014924ec669023bd8de

SECUNIA - 50888

SECUNIA - 50805

OSVDB - 86051

XF - hostapd-eaptls-dos(79104)

MANDRIVA - MDVSA-2012:168

SECTRACK - 1027808

FREEBSD - FreeBSD-SA-12:07


Last Updated: 27 May 2016 11:00:58