Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
wpa_supplicant 安全漏洞
Vulnerability Description
wpa_supplicant是一款跨平台的WPA请求程序。该程序支持WEP、WPA和WPA2等。 wpa_supplicant 0.4.0版本至2.5版本中存在安全漏洞,该漏洞源于程序没有充分过滤密码参数中的 和 字符。本地攻击者可借助特制的SET、SET_CRED或SET_NETWORK命令利用该漏洞加载任意库,获取权限,或造成拒绝服务(守护进程中断)。
CVSS Information
N/A
Vulnerability Type
N/A