Vulnerability Details CVE-2012-4445

Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "More Fragments" flag set.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.053
EPSS Ranking 89.5%
CVSS Severity
CVSS v2 Score 4.3
Products affected by CVE-2012-4445
  • W1.fi » Hostapd » Version: 0.6.0
    cpe:2.3:a:w1.fi:hostapd:0.6.0
  • W1.fi » Hostapd » Version: 0.6.1
    cpe:2.3:a:w1.fi:hostapd:0.6.1
  • W1.fi » Hostapd » Version: 0.6.2
    cpe:2.3:a:w1.fi:hostapd:0.6.2
  • W1.fi » Hostapd » Version: 0.6.3
    cpe:2.3:a:w1.fi:hostapd:0.6.3
  • W1.fi » Hostapd » Version: 0.6.4
    cpe:2.3:a:w1.fi:hostapd:0.6.4
  • W1.fi » Hostapd » Version: 0.6.5
    cpe:2.3:a:w1.fi:hostapd:0.6.5
  • W1.fi » Hostapd » Version: 0.6.6
    cpe:2.3:a:w1.fi:hostapd:0.6.6
  • W1.fi » Hostapd » Version: 0.6.7
    cpe:2.3:a:w1.fi:hostapd:0.6.7
  • W1.fi » Hostapd » Version: 0.7.0
    cpe:2.3:a:w1.fi:hostapd:0.7.0
  • W1.fi » Hostapd » Version: 0.7.1
    cpe:2.3:a:w1.fi:hostapd:0.7.1
  • W1.fi » Hostapd » Version: 0.7.2
    cpe:2.3:a:w1.fi:hostapd:0.7.2
  • W1.fi » Hostapd » Version: 0.7.3
    cpe:2.3:a:w1.fi:hostapd:0.7.3
  • W1.fi » Hostapd » Version: 1.0
    cpe:2.3:a:w1.fi:hostapd:1.0

