Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "More Fragments" flag set.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
hostapd 缓冲区错误漏洞
Vulnerability Description
hostapd 0.6至1.0版本中的EAP authentication server中存在名为eap_server_tls_common.c的文件,该文件中的eap_server_tls_process_fragment功能中存在基于堆的缓冲区溢出漏洞。通过在所发送的EAP-TLS信息中加入带有“more fragment”标志的过小的“TLS信息长度”值,远程攻击者可利用该漏洞导致拒绝服务(死机或程序中止)。
CVSS Information
N/A
Vulnerability Type
N/A