This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Xsupplicant First view 2006-10-27
Product Xsupplicant Last view 2006-10-27
Version 1.2.2 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:xsupplicant:xsupplicant

Activity : Overall

Related : CVE

  Date Alert Description
4 2006-10-27 CVE-2006-5602

Multiple memory leaks in xsupplicant before 1.2.6, and possibly other versions, allow attackers to cause a denial of service (memory consumption) via unspecified vectors.
9 2006-10-27 CVE-2006-5601

Stack-based buffer overflow in the eap_do_notify function in eap.c in xsupplicant before 1.2.6, and possibly other versions, allows remote authenticated users to execute arbitrary code via unspecified vectors.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
30093 xsupplicant Multiple Unspecified Memory Leak DoS
30092 xsupplicant eap.c eap_do_notify() Function Overflow

OpenVAS Exploits

id Description
2009-10-10 Name : SLES9: Security update for xsupplicant
File : nvt/sles9p5018467.nasl

Nessus® Vulnerability Scanner

id Description
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_11386.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_xsupplicant-2455.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_xsupplicant-2459.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2006-189.nasl - Type: ACT_GATHER_INFO