NVD Vulnerability Detail

CVE-2012-4445

Summary	Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "More Fragments" flag set.
Publication Date	Oct. 11, 2012, 3:55 a.m.
Registration Date	Jan. 28, 2021, 3:03 p.m.
Last Update	Nov. 21, 2024, 10:42 a.m.

Affected software configurations

Related information, measures and tools

No	URL	タグ
1	http://osvdb.org/86051
2	http://osvdb.org/86051
3	http://secunia.com/advisories/50805	Vendor Advisory
4	http://secunia.com/advisories/50805	Vendor Advisory
5	http://secunia.com/advisories/50888	Vendor Advisory
6	http://secunia.com/advisories/50888	Vendor Advisory
7	http://w1.fi/gitweb/gitweb.cgi?p=hostap.git%3Ba=commitdiff%3Bh=586c446e0ff42ae00315b014924ec669023bd8de
8	http://w1.fi/gitweb/gitweb.cgi?p=hostap.git%3Ba=commitdiff%3Bh=586c446e0ff42ae00315b014924ec669023bd8de
9	http://www.debian.org/security/2012/dsa-2557
10	http://www.debian.org/security/2012/dsa-2557
11	http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc
12	http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc
13	http://www.mandriva.com/security/advisories?name=MDVSA-2012:168
14	http://www.mandriva.com/security/advisories?name=MDVSA-2012:168
15	http://www.openwall.com/lists/oss-security/2012/10/08/3
16	http://www.openwall.com/lists/oss-security/2012/10/08/3
17	http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt
18	http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt
19	http://www.securityfocus.com/bid/55826
20	http://www.securityfocus.com/bid/55826
21	http://www.securitytracker.com/id?1027808
22	http://www.securitytracker.com/id?1027808
23	https://exchange.xforce.ibmcloud.com/vulnerabilities/79104
24	https://exchange.xforce.ibmcloud.com/vulnerabilities/79104

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html

JVN Vulnerability Information

hostapd の EAP authentication server におけるヒープベースのバッファオーバーフローの脆弱性

Title	hostapd の EAP authentication server におけるヒープベースのバッファオーバーフローの脆弱性
Summary	hostapd の EAP authentication server の eap_server_tls_common.c 内の eap_server_tls_process_fragment 関数には、ヒープベースのバッファオーバーフローの脆弱性が存在します。
Possible impacts	第三者により、"More Fragments" フラグが設定されている EAP-TLS メッセージ内の過度に小さい "TLS メッセージ長" の値を介して、サービス運用妨害 (クラッシュまたは停止) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Oct. 7, 2012, midnight
Registration Date	Oct. 15, 2012, 2:57 p.m.
Last Update	Oct. 15, 2012, 2:57 p.m.

Affected System

w1.fi

hostapd 0.6 から 1.0

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2012-4445	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4445
National Vulnerability Database (NVD)
2	CVE-2012-4445	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4445

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	Name	URL
Debian Security Advisory
1	DSA-2557	http://www.debian.org/security/2012/dsa-2557
w1.fi
2	EAP-TLS server: Fix TLS Message Length validation	http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff;h=586c446e0ff42ae00315b014924ec669023bd8de
3	hostapd	http://hostap.epitest.fi/hostapd/

Change Log

No	Changed Details	Date of change
0	[2012年10月15日] 掲載	Feb. 17, 2018, 10:37 a.m.