
Test ID: 1.3.6.1.4.1.25623.1.1.4.2020.3380.1
Category: SuSE Local Security Checks
Title: SUSE: Security Advisory (SUSE-SU-2020:3380-1)
Summary: The remote host is missing an update for the 'wpa_supplicant' package(s) announced via the SUSE-SU-2020:3380-1 advisory.
Description: Summary:
The remote host is missing an update for the 'wpa_supplicant' package(s) announced via the SUSE-SU-2020:3380-1 advisory.

Vulnerability Insight:
This update for wpa_supplicant fixes the following issues:

Security issue fixed:

CVE-2019-16275: Fixed an AP mode PMF disconnection protection bypass (bsc#1150934).

Non-security issues fixed:

Enable SAE support (jsc#SLE-14992).

Limit P2P_DEVICE name to appropriate ifname size.

Fix wicked wlan (bsc#1156920)

Restore fi.epitest.hostap.WPASupplicant.service (bsc#1167331)

With v2.9 fi.epitest.hostap.WPASupplicant.service is obsolete (bsc#1167331)

Fix WLAN config on boot with wicked. (bsc#1166933)

Update to 2.9 release:
* SAE changes
  - disable use of groups using Brainpool curves
  - improved protection against side channel attacks
    [[link moved to references]]
* EAP-pwd changes
  - disable use of groups using Brainpool curves
  - allow the set of groups to be configured (eap_pwd_groups)
  - improved protection against side channel attacks
    [[link moved to references]]
* fixed FT-EAP initial mobility domain association using PMKSA caching (disabled by default for backwards compatibility, can be enabled with ft_eap_pmksa_caching=1)
* fixed a regression in OpenSSL 1.1+ engine loading
* added validation of RSNE in (Re)Association Response frames
* fixed DPP bootstrapping URI parser of channel list
* extended EAP-SIM/AKA fast re-authentication to allow use with FILS
* extended ca_cert_blob to support PEM format
* improved robustness of P2P Action frame scheduling
* added support for EAP-SIM/AKA using anonymous@realm identity
* fixed Hotspot 2.0 credential selection based on roaming consortium to ignore credentials without a specific EAP method
* added experimental support for EAP-TEAP peer (RFC 7170)
* added experimental support for EAP-TLS peer with TLS v1.3
* fixed a regression in WMM parameter configuration for a TDLS peer
* fixed a regression in operation with drivers that offload 802.1X 4-way handshake
* fixed an ECDH operation corner case with OpenSSL
* SAE changes
  - added support for SAE Password Identifier
  - changed default configuration to enable only groups 19, 20, 21 (i.e., disable groups 25 and 26) and disable all unsuitable groups completely based on REVmd changes
  - do not regenerate PWE unnecessarily when the AP uses the anti-clogging token mechanisms
  - fixed some association cases where both SAE and FT-SAE were enabled on both the station and the selected AP
  - started to prefer FT-SAE over SAE AKM if both are enabled
  - started to prefer FT-SAE over FT-PSK if both are enabled
  - fixed FT-SAE when SAE PMKSA caching is used
  - reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256)
  - minimize timing and memory use differences in PWE derivation
    [[link moved to references]] (CVE-2019-9494, bsc#1131868)
* EAP-pwd changes
  - minimize timing and memory use differences in PWE derivation
    [[link moved to references]] ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'wpa_supplicant' package(s) on SUSE Linux Enterprise High Performance Computing 15, SUSE Linux Enterprise Module for Basesystem 15-SP1, SUSE Linux Enterprise Module for Basesystem 15-SP2, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server for SAP 15.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2015-4141
Debian Security Information: DSA-3397
http://www.debian.org/security/2015/dsa-3397
https://security.gentoo.org/glsa/201606-17
http://www.openwall.com/lists/oss-security/2015/05/09/4
http://www.openwall.com/lists/oss-security/2015/05/31/6
SuSE Security Announcement: openSUSE-SU-2015:1030
http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html
http://www.ubuntu.com/usn/USN-2650-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-4142
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html
http://www.openwall.com/lists/oss-security/2015/05/09/5
RedHat Security Advisories: RHSA-2015:1090
http://rhn.redhat.com/errata/RHSA-2015-1090.html
RedHat Security Advisories: RHSA-2015:1439
http://rhn.redhat.com/errata/RHSA-2015-1439.html
http://www.securitytracker.com/id/1032625
Common Vulnerability Exposure (CVE) ID: CVE-2015-4143
http://www.openwall.com/lists/oss-security/2015/05/09/6
Common Vulnerability Exposure (CVE) ID: CVE-2015-8041
BugTraq ID: 75604
http://www.securityfocus.com/bid/75604
http://www.openwall.com/lists/oss-security/2015/11/02/5
SuSE Security Announcement: openSUSE-SU-2015:1912
http://lists.opensuse.org/opensuse-updates/2015-11/msg00037.html
SuSE Security Announcement: openSUSE-SU-2015:1920
http://lists.opensuse.org/opensuse-updates/2015-11/msg00041.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-9494
Bugtraq: 20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa
https://seclists.org/bugtraq/2019/May/40
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/
FreeBSD Security Advisory: FreeBSD-SA-19:03
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc
http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html
SuSE Security Announcement: openSUSE-SU-2020:0222
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-9495
https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-9497
Common Vulnerability Exposure (CVE) ID: CVE-2019-9498
Common Vulnerability Exposure (CVE) ID: CVE-2019-9499
Copyright: Copyright (C) 2021 Greenbone Networks GmbH





© 1998-2024 E-Soft Inc. All rights reserved.