[pkg-wpa-devel] Bug#765352: wpa: arbitrary command execution via action scripts
Raphael Hertzog
hertzog at debian.org
Tue Oct 14 11:40:28 UTC 2014
Source: wpa
Severity: serious
Tags: security
Hi,
the following vulnerability was published for wpa. It affects both
wpa-supplicant and hostapd:
CVE-2014-3686[0]:
action script execution vulnerability
From https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3686:
> Jouni Malinen discovered that a string supplied from a remote device could
> be supplied to a system() call in wpa_cli or hostapd_cli when running an
> action script (with the "-a" option), resulting in arbitrary command
> execution. This issue could also be triggered by an attacker within radio
> range.
>
> Patches are available from the following:
> http://w1.fi/security/2014-1/
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686
https://security-tracker.debian.org/tracker/CVE-2014-3686
Please adjust the affected versions in the BTS as needed.
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
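The bug class described in the report above, as an added example that is not part of the original message and is not wpa_cli or hostapd_cli code: the same event text is handed to an action script once through `/bin/sh -c` (what `system()` does) and once through `execv()` with the event as a single argument. The function names, the interface name `wlan0`, the event string and the use of `/bin/echo` as a stand-in action script are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fork, exec argv[0] directly, capture its stdout in out; returns the exit status. */
static int run_capture(char *const argv[], char *out, size_t len) {
    int fd[2], status;
    size_t total = 0;
    ssize_t n;
    if (pipe(fd) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(fd[0]); close(fd[1]); return -1; }
    if (pid == 0) {                 /* child: stdout -> pipe, then exec */
        dup2(fd[1], STDOUT_FILENO);
        close(fd[0]); close(fd[1]);
        execv(argv[0], argv);
        _exit(127);                 /* exec failed */
    }
    close(fd[1]);
    while (total < len - 1 && (n = read(fd[0], out + total, len - 1 - total)) > 0)
        total += (size_t)n;
    out[total] = '\0';
    close(fd[0]);
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Unsafe, equivalent to system(cmd): /bin/sh -c parses the pasted-in event text. */
int shell_action(const char *script, const char *ifname, const char *event, char *out, size_t len) {
    char cmd[512];
    snprintf(cmd, sizeof(cmd), "%s %s %s", script, ifname, event);
    char *const argv[] = { "/bin/sh", "-c", cmd, NULL };
    return run_capture(argv, out, len);
}

/* Hardened: no shell is involved; the event is exactly one argv[] element. */
int exec_action(const char *script, const char *ifname, const char *event, char *out, size_t len) {
    char *const argv[] = { (char *)script, (char *)ifname, (char *)event, NULL };
    return run_capture(argv, out, len);
}

int main(void) {
    const char *ev = "CONNECTED ;echo INJECTED";   /* constructed sample event text */
    char a[256], b[256];
    shell_action("/bin/echo", "wlan0", ev, a, sizeof(a));
    exec_action("/bin/echo", "wlan0", ev, b, sizeof(b));
    printf("sh -c: %sexecv: %soutputs identical: %d\n", a, b, strcmp(a, b) == 0);
}
```

With the shell in the path the text after `;` runs as a second command; with `execv()` it reaches the script as literal data, so the script itself must still avoid re-evaluating its arguments.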