var-201904-1552
Vulnerability from variot
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected. WPA3 Protocol and hostapd When wpa_supplicant There are multiple vulnerabilities in the implementation of, and a remote attacker can obtain weak password information and privileges, as well as disrupt service operations. (DoS) An attack may be carried out. These vulnerabilities "Dragonblood" It is called. CERT/CC Then continue WPA3 The protocol is being verified. Discovered this time WPA3 Vulnerabilities related to the implementation of can be attributed to the protocol specification itself. WPA3 Is a key exchange protocol, Simultaneous Authentication of Equals (SAE) Is adopted. this is "Dragonfly Key Exchange" It is also called WPA2 In Pre-Shared Key (PSK) Acts as a protocol replacement. hostapd Is WPA3 Access point and authentication server daemon is. Also, wpa_supplicant Is WPA authenticator ( access point ) Implemented key exchange with supplicant ( client ) And WPA3 Is supported. SAE confirm Message validation is not performed during processing (CWE-642) - CVE-2019-9496 hostapd Process hostapd/AP When operating in mode SAE confirm Incomplete verification of message processing due to incorrect authentication sequence hostapd The process may end. EAP-PWD Reflection attack (EAP-pwd-Commit Incorrect message validation ) (CWE-301) - CVE-2019-9497 hostapd (EAP Server) And wpa_supplicant (EAP Peer) In EAP-PWD In implementation, EAP-pwd-Commit Message scalar and element values are not validated. EAP-PWD Server In EAP-pwd-Commit Incorrect message validation (CWE-346) - CVE-2019-9498 hostapd (EAP Server) In EAP-PWD In the implementation, the cryptographic library used for the build is EAP-pwd-Commit Message element value (EC point) If you do not implement the verification process for EAP-pwd-Commit Message scalar and element values are not validated. EAP-PWD Peer In EAP-pwd-Commit Incorrect message validation (CWE-346) - CVE-2019-9499 wpa_supplicant (EAP Peer) In EAP-PWD In the implementation, the cryptographic library used for the build is EAP-pwd-Commit Message element value (EC point) If you do not implement the verification process for EAP-pwd-Commit Message scalar and element values are not validated. A side-channel attack captures information that can be used to recover passwords - CVE-2019-9494 * A weak password is obtained by a dictionary attack - CVE-2019-9495 This attack requires the authority to install and execute applications. Memory access pattern analysis is possible by observing the shared cache. hostapd/wpa_supplicant 2.7 And later versions CVE-2019-9494 Is not affected by the timing attack hostapd Process can be terminated ( Service operation interruption ) - CVE-2019-9496 *EAP-PWD Authentication is bypassed - CVE-2019-9497 Crypto library EC point If a verification process is implemented for an attacker, an attacker cannot acquire or exchange a session key * Illegal scalar / Session key is obtained using message with element value and authentication is bypassed - CVE-2019-9498, CVE-2019-9499. WPA3 is prone to a security weakness. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. There is an information disclosure vulnerability in WPA3, which originates from configuration errors in the network system or product during operation. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-19:03.wpa Security Advisory The FreeBSD Project
Topic: Multiple vulnerabilities in hostapd and wpa_supplicant
Category: contrib Module: wpa Announced: 2019-05-14 Affects: All supported versions of FreeBSD. Corrected: 2019-05-01 01:42:38 UTC (stable/12, 12.0-STABLE) 2019-05-14 22:57:29 UTC (releng/12.0, 12.0-RELEASE-p4) 2019-05-01 01:43:17 UTC (stable/11, 11.2-STABLE) 2019-05-14 22:59:32 UTC (releng/11.2, 11.2-RELEASE-p10) CVE Name: CVE-2019-9494, CVE-2019-9495, CVE-2019-9496, CVE-2019-9497, CVE-2019-9498, CVE-2019-9499, CVE-2019-11555
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
Wi-Fi Protected Access II (WPA2) is a security protocol developed by the Wi-Fi Alliance to secure wireless computer networks.
hostapd(8) and wpa_supplicant(8) are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.
II. Problem Description
Multiple vulnerabilities exist in the hostapd(8) and wpa_supplicant(8) implementations. For more details, please see the reference URLs in the References section below.
III. Impact
Security of the wireless network may be compromised. For more details, please see the reference URLS in the References section below.
IV. Workaround
No workaround is available, but systems not using hostapd(8) or wpa_supplicant(8) are not affected.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Afterwards, restart hostapd(8) or wpa_supplicant(8).
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Afterwards, restart hostapd(8) or wpa_supplicant(8).
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 12.0]
fetch https://security.FreeBSD.org/patches/SA-19:03/wpa-12.patch
fetch https://security.FreeBSD.org/patches/SA-19:03/wpa-12.patch.asc
gpg --verify wpa-12.patch.asc
[FreeBSD 11.2]
fetch https://security.FreeBSD.org/patches/SA-19:03/wpa-11.patch
fetch https://security.FreeBSD.org/patches/SA-19:03/wpa-11.patch.asc
gpg --verify wpa-11.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/12/ r346980 releng/12.0/ r347587 stable/11/ r346981 releng/11.2/ r347588
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlzbTrVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n 5cLsaA/9EB577JYdYdwFCOQ6TiOVhyluLJzgrhG3aiXeBntj8ytkRjcXKnP0aega 3G2R1do7pixVYUF52OWJwaNO3Hm+LHMngiOqujcLI+49ISI3T/APaU/D2dqmXVb8 nN/Pd+0HDGj3R3MwyyHT8/3fX0pJ395vcQhYb61M6PUSrwr8uiBbILT57iCadZoL F4KOCvRv7I4EFWXvqngGfeohZbbeHPBga2DwuebWR/E/1uWrMKEOF2pvh4b6ZSN2 pdr7ZHMiL1cZt+p+2gwWoqDWyD93u2lTC7Gmo3Vom+meH7eaQ79obXEN541aiQ04 CYhjkwuW5uNGUWCO/Xsfn5gqICeB1G5A/aBHQlAyVgUGia8jukL1jn3ga4AQgKrN h9aTmvrQs17PjMVtq81ZS0xm0ztW0Y6t2A9fRgGcnOOw+uy5tHMbJaKSMy8x97NT gUyXtoyu47tjjMrzsQcma2t6/+iCEDuW1P1LybSmv/v59gro9uveCdl0busgM9GS M5bpWK/qYQS1HYmYeTKMRynmD8ntRbflYoUP/SpijHsz+56rgyeJO12WyltyT32f j5fgnKaznW/UPtgmK0wnPIG9XEj3Nzs4C4cypO5t8OiuLEli4wRdb6MYlvEjq4la R3lnCzmTd9sg+K6cod2qWWSYdsdEwizcpQDp7M9lRqomiANLqJ4= =MXma -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-1552",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.2"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "29"
},
{
"model": "hostapd",
"scope": "lte",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.7"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "12.0"
},
{
"model": "router manager",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "1.2.3-8087"
},
{
"model": "backports sle",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.0"
},
{
"model": "wpa supplicant",
"scope": "lte",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.7"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "28"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "30"
},
{
"model": "radius server",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "3.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freeradius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
},
{
"model": "alliance wpa3 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "3)0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.7.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.3"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.2"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.6.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.4.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.0.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.7.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.7.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.6.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.6.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.6.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.6.4"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.6.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.6.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.5.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.5.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.5.4"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.5.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.5.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.5.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.4.4"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.6.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.4.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.4.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.4.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.4.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.4.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.4.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.3.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.3.4"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.3.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.3.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.3.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.3.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.2.4"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.2.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "0.2.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#871675"
},
{
"db": "BID",
"id": "107864"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002625"
},
{
"db": "NVD",
"id": "CVE-2019-9494"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:synology:radius_server:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.2.3-8087",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.2:p3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.2:p7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.2:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.2:p6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.2:p9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.2:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:12.0:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.2:p8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9494"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef (New York University Abu Dhabi) and Eyal Ronen (Tel Aviv University),security.freebsd.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-567"
}
],
"trust": 0.6
},
"cve": "CVE-2019-9494",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "JPCERT/CC",
"availabilityImpact": "Partial",
"baseScore": 7.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2019-002625",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-160929",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2019-9494",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "JPCERT/CC",
"availabilityImpact": "Low",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-002625",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-9494",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "JPCERT/CC",
"id": "JVNDB-2019-002625",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-567",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-160929",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-9494",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160929"
},
{
"db": "VULMON",
"id": "CVE-2019-9494"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002625"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-567"
},
{
"db": "NVD",
"id": "CVE-2019-9494"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected. WPA3 Protocol and hostapd When wpa_supplicant There are multiple vulnerabilities in the implementation of, and a remote attacker can obtain weak password information and privileges, as well as disrupt service operations. (DoS) An attack may be carried out. These vulnerabilities \"Dragonblood\" It is called. CERT/CC Then continue WPA3 The protocol is being verified. Discovered this time WPA3 Vulnerabilities related to the implementation of can be attributed to the protocol specification itself. WPA3 Is a key exchange protocol, Simultaneous Authentication of Equals (SAE) Is adopted. this is \"Dragonfly Key Exchange\" It is also called WPA2 In Pre-Shared Key (PSK) Acts as a protocol replacement. hostapd Is WPA3 Access point and authentication server daemon is. Also, wpa_supplicant Is WPA authenticator ( access point ) Implemented key exchange with supplicant ( client ) And WPA3 Is supported. SAE confirm Message validation is not performed during processing (CWE-642) - CVE-2019-9496 hostapd Process hostapd/AP When operating in mode SAE confirm Incomplete verification of message processing due to incorrect authentication sequence hostapd The process may end. EAP-PWD Reflection attack (EAP-pwd-Commit Incorrect message validation ) (CWE-301) - CVE-2019-9497 hostapd (EAP Server) And wpa_supplicant (EAP Peer) In EAP-PWD In implementation, EAP-pwd-Commit Message scalar and element values are not validated. EAP-PWD Server In EAP-pwd-Commit Incorrect message validation (CWE-346) - CVE-2019-9498 hostapd (EAP Server) In EAP-PWD In the implementation, the cryptographic library used for the build is EAP-pwd-Commit Message element value (EC point) If you do not implement the verification process for EAP-pwd-Commit Message scalar and element values are not validated. EAP-PWD Peer In EAP-pwd-Commit Incorrect message validation (CWE-346) - CVE-2019-9499 wpa_supplicant (EAP Peer) In EAP-PWD In the implementation, the cryptographic library used for the build is EAP-pwd-Commit Message element value (EC point) If you do not implement the verification process for EAP-pwd-Commit Message scalar and element values are not validated.* A side-channel attack captures information that can be used to recover passwords - CVE-2019-9494 * A weak password is obtained by a dictionary attack - CVE-2019-9495 This attack requires the authority to install and execute applications. Memory access pattern analysis is possible by observing the shared cache. hostapd/wpa_supplicant 2.7 And later versions CVE-2019-9494 Is not affected by the timing attack *hostapd Process can be terminated ( Service operation interruption ) - CVE-2019-9496 *EAP-PWD Authentication is bypassed - CVE-2019-9497 Crypto library EC point If a verification process is implemented for an attacker, an attacker cannot acquire or exchange a session key * Illegal scalar / Session key is obtained using message with element value and authentication is bypassed - CVE-2019-9498, CVE-2019-9499. WPA3 is prone to a security weakness. \nAttackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. There is an information disclosure vulnerability in WPA3, which originates from configuration errors in the network system or product during operation. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-19:03.wpa Security Advisory\n The FreeBSD Project\n\nTopic: Multiple vulnerabilities in hostapd and wpa_supplicant\n\nCategory: contrib\nModule: wpa\nAnnounced: 2019-05-14\nAffects: All supported versions of FreeBSD. \nCorrected: 2019-05-01 01:42:38 UTC (stable/12, 12.0-STABLE)\n 2019-05-14 22:57:29 UTC (releng/12.0, 12.0-RELEASE-p4)\n 2019-05-01 01:43:17 UTC (stable/11, 11.2-STABLE)\n 2019-05-14 22:59:32 UTC (releng/11.2, 11.2-RELEASE-p10)\nCVE Name: CVE-2019-9494, CVE-2019-9495, CVE-2019-9496, CVE-2019-9497,\n CVE-2019-9498, CVE-2019-9499, CVE-2019-11555\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nI. Background\n\nWi-Fi Protected Access II (WPA2) is a security protocol developed by the\nWi-Fi Alliance to secure wireless computer networks. \n\nhostapd(8) and wpa_supplicant(8) are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII. Problem Description\n\nMultiple vulnerabilities exist in the hostapd(8) and wpa_supplicant(8)\nimplementations. For more details, please see the reference URLs in the\nReferences section below. \n\nIII. Impact\n\nSecurity of the wireless network may be compromised. For more details,\nplease see the reference URLS in the References section below. \n\nIV. Workaround\n\nNo workaround is available, but systems not using hostapd(8) or\nwpa_supplicant(8) are not affected. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nAfterwards, restart hostapd(8) or wpa_supplicant(8). \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nAfterwards, restart hostapd(8) or wpa_supplicant(8). \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 12.0]\n# fetch https://security.FreeBSD.org/patches/SA-19:03/wpa-12.patch\n# fetch https://security.FreeBSD.org/patches/SA-19:03/wpa-12.patch.asc\n# gpg --verify wpa-12.patch.asc\n\n[FreeBSD 11.2]\n# fetch https://security.FreeBSD.org/patches/SA-19:03/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-19:03/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/12/ r346980\nreleng/12.0/ r347587\nstable/11/ r346981\nreleng/11.2/ r347588\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2019-1\u003e\n\u003cURL:https://w1.fi/security/2019-2\u003e\n\u003cURL:https://w1.fi/security/2019-3\u003e\n\u003cURL:https://w1.fi/security/2019-4\u003e\n\u003cURL:https://w1.fi/security/2019-5\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9494\u003e\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9495\u003e\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9496\u003e\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9497\u003e\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9498\u003e\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9499\u003e\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11555\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlzbTrVfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD\nMEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n\n5cLsaA/9EB577JYdYdwFCOQ6TiOVhyluLJzgrhG3aiXeBntj8ytkRjcXKnP0aega\n3G2R1do7pixVYUF52OWJwaNO3Hm+LHMngiOqujcLI+49ISI3T/APaU/D2dqmXVb8\nnN/Pd+0HDGj3R3MwyyHT8/3fX0pJ395vcQhYb61M6PUSrwr8uiBbILT57iCadZoL\nF4KOCvRv7I4EFWXvqngGfeohZbbeHPBga2DwuebWR/E/1uWrMKEOF2pvh4b6ZSN2\npdr7ZHMiL1cZt+p+2gwWoqDWyD93u2lTC7Gmo3Vom+meH7eaQ79obXEN541aiQ04\nCYhjkwuW5uNGUWCO/Xsfn5gqICeB1G5A/aBHQlAyVgUGia8jukL1jn3ga4AQgKrN\nh9aTmvrQs17PjMVtq81ZS0xm0ztW0Y6t2A9fRgGcnOOw+uy5tHMbJaKSMy8x97NT\ngUyXtoyu47tjjMrzsQcma2t6/+iCEDuW1P1LybSmv/v59gro9uveCdl0busgM9GS\nM5bpWK/qYQS1HYmYeTKMRynmD8ntRbflYoUP/SpijHsz+56rgyeJO12WyltyT32f\nj5fgnKaznW/UPtgmK0wnPIG9XEj3Nzs4C4cypO5t8OiuLEli4wRdb6MYlvEjq4la\nR3lnCzmTd9sg+K6cod2qWWSYdsdEwizcpQDp7M9lRqomiANLqJ4=\n=MXma\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9494"
},
{
"db": "CERT/CC",
"id": "VU#871675"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002625"
},
{
"db": "BID",
"id": "107864"
},
{
"db": "VULHUB",
"id": "VHN-160929"
},
{
"db": "VULMON",
"id": "CVE-2019-9494"
},
{
"db": "PACKETSTORM",
"id": "152914"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-160929",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160929"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9494",
"trust": 3.0
},
{
"db": "PACKETSTORM",
"id": "152914",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#871675",
"trust": 1.7
},
{
"db": "BID",
"id": "107864",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVNVU94228755",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002625",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201904-567",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.0047",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1258",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0738",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1775",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-160929",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-9494",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#871675"
},
{
"db": "VULHUB",
"id": "VHN-160929"
},
{
"db": "VULMON",
"id": "CVE-2019-9494"
},
{
"db": "BID",
"id": "107864"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002625"
},
{
"db": "PACKETSTORM",
"id": "152914"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-567"
},
{
"db": "NVD",
"id": "CVE-2019-9494"
}
]
},
"id": "VAR-201904-1552",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-160929"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-13T00:27:12.341000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WPA Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=91382"
},
{
"title": "Debian CVElist Bug Report Logs: freeradius: VU#871675: Authentication bypass in EAP-PWD (CVE-2019-11234 CVE-2019-11235)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=e2dffdfdccbb2784fe652db6e5cddb2c"
},
{
"title": "Debian Security Advisories: DSA-4430-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=81a56edb299848e0579a7dd950bd73ba"
},
{
"title": "Debian CVElist Bug Report Logs: src:wpa: multiples vulnerabilities in SAE and EAP-pwd code in wpa",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=39e042d68cbe59a677ae53b8328d282d"
},
{
"title": "PoC in GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/poc-in-github "
},
{
"title": "PoC in GitHub",
"trust": 0.1,
"url": "https://github.com/manas3c/cve-poc "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2019/04/11/bughunters_punch_holes_in_wpa3_wifi_security/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-9494"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-567"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-203",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160929"
},
{
"db": "NVD",
"id": "CVE-2019-9494"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://w1.fi/security/2019-1/"
},
{
"trust": 3.0,
"url": "http://packetstormsecurity.com/files/152914/freebsd-security-advisory-freebsd-sa-19-03.wpa.html"
},
{
"trust": 2.5,
"url": "https://wpa3.mathyvanhoef.com/"
},
{
"trust": 2.5,
"url": "https://papers.mathyvanhoef.com/dragonblood.pdf"
},
{
"trust": 2.4,
"url": "https://security.freebsd.org/advisories/freebsd-sa-19:03.wpa.asc"
},
{
"trust": 1.8,
"url": "https://seclists.org/bugtraq/2019/may/40"
},
{
"trust": 1.8,
"url": "https://www.synology.com/security/advisory/synology_sa_19_16"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"trust": 1.6,
"url": "https://w1.fi/security/"
},
{
"trust": 1.6,
"url": "https://w1.fi/security/2019-2/"
},
{
"trust": 1.6,
"url": "https://w1.fi/security/2019-3/"
},
{
"trust": 1.6,
"url": "https://w1.fi/security/2019-4/"
},
{
"trust": 1.6,
"url": "https://w1.fi/hostapd/"
},
{
"trust": 1.6,
"url": "https://w1.fi/cgit/hostap/log/"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9494"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56obbojjskrtdgexzovfstp4hdsdblae/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/tdozgr3t7fvo5jszwk2qpr7aofiejtiz/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/svmjofeybgxzlff5iolw67ssopkfejp3/"
},
{
"trust": 0.9,
"url": "https://seclists.org/oss-sec/2019/q2/16"
},
{
"trust": 0.9,
"url": "https://github.com/vanhoefm/dragonforce"
},
{
"trust": 0.9,
"url": "https://github.com/vanhoefm/dragonslayer"
},
{
"trust": 0.9,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.9,
"url": "https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update-april-2019"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9495"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9496"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9497"
},
{
"trust": 0.8,
"url": "https://w1.fi/wpa_supplicant/ "
},
{
"trust": 0.8,
"url": "https://freeradius.org/security/"
},
{
"trust": 0.8,
"url": "https://en.avm.de/service/current-security-notifications/"
},
{
"trust": 0.8,
"url": "https://www.lancom-systems.com/service-support/instant-help/general-security-information/"
},
{
"trust": 0.8,
"url": "https://github.com/openssl/openssl/pull/8750"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9497"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9498"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9499"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9494"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9495"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9496"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94228755/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9498"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9499"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/871675/"
},
{
"trust": 0.8,
"url": "https://w1.fi/wpa_supplicant/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56obbojjskrtdgexzovfstp4hdsdblae/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/svmjofeybgxzlff5iolw67ssopkfejp3/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/tdozgr3t7fvo5jszwk2qpr7aofiejtiz/"
},
{
"trust": 0.6,
"url": "http://www.debian.org/security/2019/dsa-4430"
},
{
"trust": 0.6,
"url": "https://fortiguard.com/psirt/fg-ir-19-107"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0047/"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/107864"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0738"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/81182"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/78946"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.1775/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/203.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.theregister.co.uk/2019/04/11/bughunters_punch_holes_in_wpa3_wifi_security/"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/871675"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11555\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-19:03/wpa-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9494\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9497\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-19:03/wpa-12.patch.asc"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9499\u003e"
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2019-1\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2019-4\u003e"
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2019-5\u003e"
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2019-2\u003e"
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2019-3\u003e"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-19:03/wpa-11.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9496\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-19:03.wpa.asc\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9495\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9498\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-19:03/wpa-12.patch"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#871675"
},
{
"db": "VULHUB",
"id": "VHN-160929"
},
{
"db": "VULMON",
"id": "CVE-2019-9494"
},
{
"db": "BID",
"id": "107864"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002625"
},
{
"db": "PACKETSTORM",
"id": "152914"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-567"
},
{
"db": "NVD",
"id": "CVE-2019-9494"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#871675"
},
{
"db": "VULHUB",
"id": "VHN-160929"
},
{
"db": "VULMON",
"id": "CVE-2019-9494"
},
{
"db": "BID",
"id": "107864"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002625"
},
{
"db": "PACKETSTORM",
"id": "152914"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-567"
},
{
"db": "NVD",
"id": "CVE-2019-9494"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#871675"
},
{
"date": "2019-04-17T00:00:00",
"db": "VULHUB",
"id": "VHN-160929"
},
{
"date": "2019-04-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9494"
},
{
"date": "2019-04-10T00:00:00",
"db": "BID",
"id": "107864"
},
{
"date": "2019-04-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002625"
},
{
"date": "2019-05-15T15:30:08",
"db": "PACKETSTORM",
"id": "152914"
},
{
"date": "2019-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-567"
},
{
"date": "2019-04-17T14:29:03.840000",
"db": "NVD",
"id": "CVE-2019-9494"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-05T00:00:00",
"db": "CERT/CC",
"id": "VU#871675"
},
{
"date": "2021-11-03T00:00:00",
"db": "VULHUB",
"id": "VHN-160929"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9494"
},
{
"date": "2019-04-10T00:00:00",
"db": "BID",
"id": "107864"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002625"
},
{
"date": "2022-02-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-567"
},
{
"date": "2023-11-07T03:13:40.763000",
"db": "NVD",
"id": "CVE-2019-9494"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-567"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WPA3 design issues and implementation vulnerabilities in hostapd and wpa_supplicant",
"sources": [
{
"db": "CERT/CC",
"id": "VU#871675"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-567"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.