CVE-2012-4445
hostapd 0.6-1.0 - Heap-Based Buffer Overflow via EAP-TLS Message Length
Title source: llmDescription
Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "More Fragments" flag set.
References (12)
Core 12
Core References
Various Sources x_refsource_confirm
http://w1.fi/gitweb/gitweb.cgi?p=hostap.git%3Ba=commitdiff%3Bh=586c446e0ff42ae00315b014924ec669023bd8de
Various Sources x_refsource_misc
http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/10/08/3
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/50805
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2012/dsa-2557
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027808
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2012:168
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/86051
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/55826
Vendor Advisory vendor-advisory
x_refsource_freebsd
http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/79104
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/50888
Scores
EPSS
0.0422
EPSS Percentile
89.8%
Details
CWE
CWE-119
Status
published
Products (13)
w1.fi/hostapd
0.6.0
w1.fi/hostapd
0.6.1
w1.fi/hostapd
0.6.2
w1.fi/hostapd
0.6.3
w1.fi/hostapd
0.6.4
w1.fi/hostapd
0.6.5
w1.fi/hostapd
0.6.6
w1.fi/hostapd
0.6.7
w1.fi/hostapd
0.7.0
w1.fi/hostapd
0.7.1
... and 3 more
Published
Oct 10, 2012
Tracked Since
Feb 18, 2026