hostapd 0.6.7 up to and including 2.5 and wpa_supplicant 0.6.7 up to and including 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote malicious users to cause a denial of service (daemon outage) via a crafted WPS operation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
w1.fi hostapd |
||
w1.fi wpa supplicant |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 17.04 |