
Test ID: 1.3.6.1.4.1.25623.1.0.853038
Category: SuSE Local Security Checks
Title: openSUSE: Security Advisory for hostapd (openSUSE-SU-2020:0222-1)
Summary: The remote host is missing an update for the 'hostapd' package(s) announced via the openSUSE-SU-2020:0222-1 advisory.
Description:
Summary:
The remote host is missing an update for the 'hostapd'
package(s) announced via the openSUSE-SU-2020:0222-1 advisory.

Vulnerability Insight:
This update for hostapd fixes the following issues:

hostapd was updated to version 2.9:

* SAE changes

- disable use of groups using Brainpool curves

- improved protection against side channel attacks

* EAP-pwd changes

- disable use of groups using Brainpool curves

- improved protection against side channel attacks

* fixed FT-EAP initial mobility domain association using PMKSA caching

* added configuration of airtime policy

* fixed FILS to add RSNE into (Re)Association Response frames

* fixed DPP bootstrapping URI parser of channel list

* added support for regulatory WMM limitation (for ETSI)

* added support for MACsec Key Agreement using IEEE 802.1X/PSK

* added experimental support for EAP-TEAP server (RFC 7170)

* added experimental support for EAP-TLS server with TLS v1.3

* added support for two server certificates/keys (RSA/ECC)

* added AKMSuiteSelector into 'STA ' control interface data to
determine which AKM was used for an association

* added eap_sim_id parameter to allow EAP-SIM/AKA server pseudonym and
fast reauthentication use to be disabled

* fixed an ECDH operation corner case with OpenSSL

Update to version 2.8

* SAE changes

- added support for SAE Password Identifier

- changed default configuration to enable only group 19 (i.e., disable
groups 20, 21, 25, 26 from default configuration) and disable all
unsuitable groups completely based on REVmd changes

- improved anti-clogging token mechanism and SAE authentication frame
processing during heavy CPU load; this mitigates some issues with
potential DoS attacks trying to flood an AP with a large number
of SAE messages

- added Finite Cyclic Group field in status code 77 responses

- reject use of unsuitable groups based on new implementation guidance
in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups
with prime >= 256)

- verify peer scalar ...

Description truncated. Please see the references for more information.

Affected Software/OS:
'hostapd' package(s) on openSUSE Leap 15.1.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2019-9494
Bugtraq: 20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa
https://seclists.org/bugtraq/2019/May/40
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/
FreeBSD Security Advisory: FreeBSD-SA-19:03
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc
http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html
SuSE Security Announcement: openSUSE-SU-2020:0222
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-9495
https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-9496
Common Vulnerability Exposure (CVE) ID: CVE-2019-9497
Common Vulnerability Exposure (CVE) ID: CVE-2019-9498
Common Vulnerability Exposure (CVE) ID: CVE-2019-9499
Copyright: Copyright (C) 2020 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.