CVE-2015-5314 in Hostapdinformação

Sumário

de MITRE

The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservar

01/07/2015

Divulgação

21/02/2018

Moderação

aceite

Entrada

VDB-113648

CPE

pronto

EPSS

0.02298

KEV

não

Atividades

muito baixo

Fontes

Want to know what is going to be exploited?

We predict KEV entries!