This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor w1.Fi First view 2019-08-15
Product Hostapd Last view 2019-09-12
Version 2.8 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:w1.fi:hostapd

Activity : Overall

Related : CVE

  Date Alert Description
6.5 2019-09-12 CVE-2019-16275

hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.

5.9 2019-08-15 CVE-2019-13377

The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-346 Origin Validation Error
50% (1) CWE-200 Information Exposure