CVE-2017-11668

Name of the Vulnerable Software and Affected Versions eapmd5pass version 1.4

Description A flaw was found in the way eapmd5pass handled processing of network packets, related to the assess packet function in eapmd5pass.c. This issue could allow a remote attacker to crash the eapmd5pass process under certain circumstances by generating specially crafted network traffic.

Recommendations For eapmd5pass version 1.4, consider restricting access to the assess packet function until a patch is available. As a temporary workaround, avoid using the eapmd5pass process to handle network packets from untrusted sources. At the moment, there is no information about a newer version that contains a fix for this vulnerability.