[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-8041Date: (C)2015-12-15   (M)2023-12-22


Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
BID-75604
DSA-3397
http://www.openwall.com/lists/oss-security/2015/11/02/5
http://w1.fi/security/2015-5/incomplete-wps-and-p2p-nfc-ndef-record-payload-length-validation.txt
https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog
https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog
openSUSE-SU-2015:1912
openSUSE-SU-2015:1920

CPE    3
cpe:/o:opensuse:opensuse:13.1
cpe:/a:w1.fi:hostapd
cpe:/a:w1.fi:wpa_supplicant
CWE    1
CWE-189
OVAL    4
oval:org.secpod.oval:def:602277
oval:org.secpod.oval:def:89046352
oval:org.secpod.oval:def:89000086
oval:org.secpod.oval:def:89000520
...

© SecPod Technologies