What Are You Looking For?

Sign Up
Date:         Wed, 3 Dec 2014 21:40:33 +0000
Reply-To:     scientific-linux-users@listserv.fnal.gov
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      Security ERRATA Moderate: wpa_supplicant on SL7.x x86_64
MIME-Version: 1.0

Synopsis:          Moderate: wpa_supplicant security update
Advisory ID:       SLSA-2014:1956-1
Issue Date:        2014-12-03
CVE Numbers:       CVE-2014-3686
--

A command injection flaw was found in the way the wpa_cli utility executed
action scripts. If wpa_cli was run in daemon mode to execute an action
script (specified using the -a command line option), and wpa_supplicant
was configured to connect to a P2P group, malicious P2P group parameterscould cause wpa_cli to execute arbitrary code. (CVE-2014-3686)
--

SL7
  x86_64
    wpa_supplicant-2.0-13.el7_0.x86_64.rpm
    wpa_supplicant-debuginfo-2.0-13.el7_0.x86_64.rpm

- Scientific Linux Development Team

SciLinux: CVE-2014-3686 Moderate: wpa_supplicant SL7.x x86_64

Moderate: wpa_supplicant security update

Summary

Moderate: wpa_supplicant security update



Security Fixes

Severity
Advisory ID: SLSA-2014:1956-1
Issued Date: : 2014-12-03
CVE Numbers: CVE-2014-3686
A command injection flaw was found in the way the wpa_cli utility executed

Related News

Security Highlights from KubeCon + CloudNativeCon 2023

Nov 18, 2023

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

News

Advisories

HOWTOs

Features

Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap

About Us

Powered By

Footer Logo