PT-2019-2182 · Linux+4 · Wpa Supplicant+5

Published: 2019-04-10 · Updated: 2022-06-01 · CVE-2019-9498

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

hostapd with SAE support versions prior to 2.4
wpa_supplicant with SAE support versions prior to 2.4
hostapd with EAP-pwd support versions prior to 2.7
wpa_supplicant with EAP-pwd support versions prior to 2.7

Description

The issue affects the EAP-pwd implementations in the hostapd EAP server and in wpa_supplicant. When built against a crypto library that lacks explicit validation of imported elements, they do not validate the scalar and element values received in EAP-pwd-Commit. An attacker can use invalid scalar/element values to complete authentication, obtaining the session key and network access without needing or learning the password.

Recommendations

For hostapd with SAE support versions prior to 2.4, update to version 2.4 or later.
For wpa_supplicant with SAE support versions prior to 2.4, update to version 2.4 or later.
For hostapd with EAP-pwd support versions prior to 2.7, update to version 2.7 or later.
For wpa_supplicant with EAP-pwd support versions prior to 2.7, update to version 2.7 or later.

Fix

Weakness Enumeration

Origin Validation Error
Improper Authentication

Related identifiers

ALT-PU-2019-2497
ALT-PU-2019-2498
ALT-PU-2019-2554
ALT-PU-2020-3139
ALT-PU-2022-1980
BDU:2019-01948
CVE-2019-9498
DLA-1867-1
DSA-4430-1
OPENSUSE-SU-2020:0222-1
OPENSUSE-SU-2020:2053-1
OPENSUSE-SU-2020:2059-1
OPENSUSE-SU-2020_0222-1
OPENSUSE-SU-2020_2053-1
OPENSUSE-SU-2020_2059-1
SUSE-SU-2020:3380-1
SUSE-SU-2020:3424-1
SUSE-SU-2022:1853-1
USN-3944-1

Affected products

ALT Linux
FreeBSD
SUSE
Ubuntu
hostapd
wpa_supplicant