| Vulnerability Name: | CVE-2005-0470 (CCN-19357) | ||||||||
| Assigned: | 2005-02-16 | ||||||||
| Published: | 2005-02-16 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: CCN Type: Bugzilla Bug 81993 net-wireless/wpa_supplicant buffer overflow Source: MITRE Type: CNA CVE-2005-0470 Source: CCN Type: wpa_supplicant Web page Linux WPA/WPA2/IEEE 802.1X Supplicant Source: CCN Type: wpa_supplicant - new stable release document, Sun Feb 13 18:35:31 MST 2005 wpa_supplicant - new stable releases v0.3.8 and v0.2.7 Source: MLIST Type: UNKNOWN [HostAP] 20050213 wpa_supplicant - new stable releases v0.3.8 and v0.2.7 Source: CCN Type: SA14313 wpa_supplicant EAPOL-Key Frames Buffer Overflow Source: SECUNIA Type: Patch, Vendor Advisory 14313 Source: CCN Type: SECTRACK ID: 1013226 wpa_supplicant Key Data Length Missing Validation Lets Remote Users Crash the Service Source: SECTRACK Type: UNKNOWN 1013226 Source: CCN Type: GLSA-200502-22 wpa_supplicant: Buffer overflow vulnerability Source: GENTOO Type: Patch, Vendor Advisory GLSA-200502-22 Source: CCN Type: OSVDB ID: 13901 wpa_supplicant EAPOL-Key Frames Overflow Source: CCN Type: BID-12664 WPA_Supplicant Remote Buffer Overflow Vulnerability Source: XF Type: UNKNOWN wpasupplicant-bo(19357) Source: XF Type: UNKNOWN wpasupplicant-bo(19357) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||