CVE-2016-4476 log
| Source |
|
| Severity | Low |
| Remote | Yes |
| Type | Denial of service |
| Description | A vulnerability was found in how hostapd and wpa_supplicant writes the configuration file update for the WPA/WPA2 passphrase parameter. If this parameter has been updated to include control characters either through a WPS operation or through local configuration change over the wpa_supplicant control interface, the resulting configuration file may prevent the hostapd and wpa_supplicant from starting when the updated file is used. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-10 | hostapd | 2.5-2 | 2.6-1 | High | Fixed | FS#49196 |
| AVG-11 | wpa_supplicant | 1:2.5-3 | 1:2.6-1 | High | Fixed | FS#49196 |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 08 Oct 2016 | ASA-201610-7 | AVG-11 | wpa_supplicant | High | multiple issues |
| 04 Oct 2016 | ASA-201610-3 | AVG-10 | hostapd | High | multiple issues |
| References |
|---|
http://www.openwall.com/lists/oss-security/2016/05/03/2 |