rpm package
suse/wpa_supplicant&distro=SUSE Linux Enterprise Server for SAP Applications 12
pkg:rpm/suse/wpa_supplicant&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-0210 | Med | 5.9 | < 2.2-8.1 | 2.2-8.1 | Aug 28, 2017 | wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack. | |
| CVE-2015-1863 | — | < 2.2-8.1 | 2.2-8.1 | Apr 28, 2015 | Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries. | ||
| CVE-2014-3686 | — | < 2.2-8.1 | 2.2-8.1 | Oct 16, 2014 | wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame. |
- affected < 2.2-8.1fixed 2.2-8.1
wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack.
- CVE-2015-1863Apr 28, 2015affected < 2.2-8.1fixed 2.2-8.1
Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.
- CVE-2014-3686Oct 16, 2014affected < 2.2-8.1fixed 2.2-8.1
wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.