 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2019-10064 |
| Description: | hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.892318 1.3.6.1.4.1.25623.1.0.892138 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-10064 http://seclists.org/fulldisclosure/2020/Feb/26 http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html http://www.openwall.com/lists/oss-security/2020/02/27/1 https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389 https://lists.debian.org/debian-lts-announce/2020/03/msg00010.html https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html http://www.openwall.com/lists/oss-security/2020/02/27/1 http://www.openwall.com/lists/oss-security/2020/02/27/2 |