AVG-10 log
| Package | hostapd |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 2.5-2 |
| Fixed | 2.6-1 |
| Current | 2.11-4 [extra] |
| Ticket | FS#49196 |
| Created | Sun Sep 18 15:54:55 2016 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-4477 | High | No | Privilege escalation | The local configuration update through the control interface SET_NETWORK command could allow privilege escalation for the local user to run code from a... |
| CVE-2016-4476 | Low | Yes | Denial of service | A vulnerability was found in how hostapd and wpa_supplicant writes the configuration file update for the WPA/WPA2 passphrase parameter. If this parameter... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 04 Oct 2016 | ASA-201610-3 | hostapd | multiple issues |
| References |
|---|
https://w1.fi/security/2016-1/psk-parameter-config-update.txt http://www.openwall.com/lists/oss-security/2016/05/03/2 |