Open mend-for-github-com[bot] opened 1 year ago
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
12 months ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
12 months ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
12 months ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
12 months ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
12 months ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
12 months ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
12 months ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
12 months ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
12 months ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
12 months ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
11 months ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
11 months ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Vulnerabilities
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2017-13082
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsWi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Publish Date: 2017-10-17
URL: CVE-2017-13082
### CVSS 3 Score Details (8.1)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-13082
Release Date: 2017-10-17
Fix Resolution: hostapd - 2.6-6;wpa_supplicant - 1:2.6-11
CVE-2019-10064
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (2)
/release/src/router/wpa_supplicant/wpa_supplicant/ctrl_iface.c
/release/src/router/wpa_supplicant/wpa_supplicant/ctrl_iface.c
### Vulnerability Detailshostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
Publish Date: 2020-02-28
URL: CVE-2019-10064
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10064
Release Date: 2020-02-28
Fix Resolution: hostap_2_6
CVE-2016-10743
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (2)
/release/src/router/wpa_supplicant/wpa_supplicant/ctrl_iface.c
/release/src/router/wpa_supplicant/wpa_supplicant/ctrl_iface.c
### Vulnerability Detailshostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.
Publish Date: 2019-03-23
URL: CVE-2016-10743
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10743
Release Date: 2019-03-23
Fix Resolution: 2.6
CVE-2016-4476
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability Detailshostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.
Publish Date: 2016-05-09
URL: CVE-2016-4476
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4476
Release Date: 2016-05-09
Fix Resolution: hostap_2_6
CVE-2020-10704
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
### Vulnerability DetailsA flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.
Publish Date: 2020-05-06
URL: CVE-2020-10704
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12704
Release Date: 2020-05-06
Fix Resolution: 2020.2
CVE-2021-20254
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
### Vulnerability DetailsA flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.
Publish Date: 2021-05-05
URL: CVE-2021-20254
### CVSS 3 Score Details (6.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2021-20254.html
Release Date: 2021-05-05
Fix Resolution: samba-4.12.15, 4.13.8, 4.14.4
CVE-2017-13086
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsWi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Publish Date: 2017-10-17
URL: CVE-2017-13086
### CVSS 3 Score Details (6.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-13086
Release Date: 2017-10-17
Fix Resolution: hostapd - 2.5-2;wpa_supplicant - 1:2.5-2
CVE-2017-13084
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsWi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Publish Date: 2017-10-17
URL: CVE-2017-13084
### CVSS 3 Score Details (6.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-13084
Release Date: 2017-10-17
Fix Resolution: hostapd - 2.6-6;wpa_supplicant - 1:2.6-11
CVE-2017-13077
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsWi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Publish Date: 2017-10-17
URL: CVE-2017-13077
### CVSS 3 Score Details (6.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-13077
Release Date: 2017-10-17
Fix Resolution: hostapd - 2.6-6;wpa_supplicant - 1:2.6-11
CVE-2019-20503
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (2)
/release/src/router/asusnatnl/pjproject-1.12/third_party/usrsctp/usrsctplib/netinet/sctp_auth.c
/release/src/router/asusnatnl/pjproject-1.12/third_party/usrsctp/usrsctplib/netinet/sctp_auth.c
### Vulnerability Detailsusrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
Publish Date: 2020-03-06
URL: CVE-2019-20503
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1695748,https://gitlab.alpinelinux.org/alpine/aports/issues/11296
Release Date: 2020-06-11
Fix Resolution: usrsctp2019-12-20,firefox-bin-68.6.0
CVE-2021-3670
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsMaxQueryDuration not honoured in Samba AD DC LDAP
Publish Date: 2022-08-23
URL: CVE-2021-3670
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://bugzilla.samba.org/show_bug.cgi?id=14694
Release Date: 2021-07-30
Fix Resolution: samba-4.14.11,samba-4.15.3
CVE-2018-16851
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
### Vulnerability DetailsSamba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process. There is no further vulnerability associated with this issue, merely a denial of service.
Publish Date: 2018-11-28
URL: CVE-2018-16851
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://bugs.alpinelinux.org//issues/9705
Release Date: 2018-11-28
Fix Resolution: 4.7.12, 4.8.7, 4.9.3
CVE-2016-2111
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
### Vulnerability DetailsThe NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.
Publish Date: 2016-04-25
URL: CVE-2016-2111
### CVSS 3 Score Details (6.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: High - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://bugs.alpinelinux.org//issues/5494
Release Date: 2016-04-25
Fix Resolution: 4.2.11,4.3.8,4.4.2
CVE-2016-2110
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
### Vulnerability DetailsThe NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.
Publish Date: 2016-04-25
URL: CVE-2016-2110
### CVSS 3 Score Details (5.9)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://bugs.alpinelinux.org//issues/5494
Release Date: 2016-04-25
Fix Resolution: 4.2.11,4.3.8,4.4.2
CVE-2016-2112
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsThe bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.
Publish Date: 2016-04-25
URL: CVE-2016-2112
### CVSS 3 Score Details (5.9)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
Release Date: 2016-04-25
Fix Resolution: 4.2.11,4.3.8,4.4.2
CVE-2016-2114
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
### Vulnerability DetailsThe SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream.
Publish Date: 2016-04-25
URL: CVE-2016-2114
### CVSS 3 Score Details (5.9)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2016-2114.html
Release Date: 2016-04-25
Fix Resolution: 4.4.2,4.3.8,4.2.11
CVE-2016-2115
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsSamba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.
Publish Date: 2016-04-25
URL: CVE-2016-2115
### CVSS 3 Score Details (5.9)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
Release Date: 2016-04-25
Fix Resolution: 4.2.11,4.3.8,4.4.2
CVE-2014-3686
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src/router/wpa_supplicant/src/utils/os_win32.c
/release/src/router/wpa_supplicant/src/utils/os_win32.c
/release/src/router/wpa_supplicant/src/utils/os_win32.c
### Vulnerability Detailswpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.
Publish Date: 2014-10-16
URL: CVE-2014-3686
### CVSS 3 Score Details (5.6)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: Low
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686
Release Date: 2014-10-16
Fix Resolution: 2.3
CVE-2020-14323
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src/router/samba-3.6.x_opwrt/source/source3/winbindd/winbindd_lookupsids.c
/release/src/router/samba-3.6.x_opwrt/source/source3/winbindd/winbindd_lookupsids.c
/release/src/router/samba-3.6.x_opwrt/source/source3/winbindd/winbindd_lookupsids.c
### Vulnerability DetailsA null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.
Publish Date: 2020-10-29
URL: CVE-2020-14323
### CVSS 3 Score Details (5.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2020-14323
Release Date: 2020-10-29
Fix Resolution: python3-samba-test - 4.13.3-3,4.13.3-3,4.13.3-3,4.13.3-3;samba-common - 4.13.3-3,4.10.16-9;samba-winbind-krb5-locator - 4.10.16-9,4.13.3-3,4.13.3-3,4.13.3-3,4.10.16-9,4.13.3-3,4.10.16-9;samba-debugsource - 4.13.3-3,4.13.3-3;libwbclient-debuginfo - 4.13.3-3,4.13.3-3;samba-client-debuginfo - 4.13.3-3,4.13.3-3;libsmbclient - 4.10.16-9,4.10.16-9,4.10.16-9,4.13.3-3,4.10.16-9,4.13.3-3,4.10.16-9,4.13.3-3,4.13.3-3,4.13.3-3;samba-winbind-modules-debuginfo - 4.13.3-3,4.13.3-3;python3-samba - 4.13.3-3,4.13.3-3,4.13.3-3,4.13.3-3,4.13.3-3;libwbclient - 4.13.3-3,4.13.3-3,4.13.3-3,4.10.16-9,4.10.16-9,4.10.16-9,4.13.3-3,4.10.16-9,4.13.3-3,4.10.16-9;samba - 4.13.3-3,4.10.16-9,4.13.3-3,4.10.16-9,4.13.3-3,4.13.3-3,4.10.16-9,4.13.3-3,4.10.16-9;samba-python - 4.10.16-9,4.10.16-9,4.10.16-9,4.10.16-9,4.10.16-9;openchange-client-debuginfo - 2.3-27,2.3-27;samba-test-libs - 4.10.16-9,4.10.16-9,4.13.3-3,4.13.3-3,4.10.16-9,4.13.3-3,4.13.3-3,4.10.16-9,4.10.16-9;libwbclient-devel - 4.10.16-9,4.10.16-9,4.10.16-9,4.10.16-9,4.10.16-9;openchange-debuginfo - 2.3-27,2.3-27;ctdb-tests - 4.13.3-3,4.13.3-3,4.10.16-9,4.13.3-3,4.10.16-9,4.13.3-3;samba-python-test - 4.10.16-9,4.10.16-9,4.10.16-9;samba-winbind-debuginfo - 4.13.3-3,4.13.3-3;samba-common-tools-debuginfo - 4.13.3-3,4.13.3-3;samba-debuginfo - 4.10.16-9,4.13.3-3,4.13.3-3,4.10.16-9;samba-winbind-clients-debuginfo - 4.13.3-3,4.13.3-3;samba-winbind - 4.13.3-3,4.13.3-3,4.13.3-3,4.10.16-9,4.10.16-9,4.10.16-9,4.13.3-3;samba-vfs-glusterfs-debuginfo - 4.13.3-3;samba-devel - 4.10.16-9,4.10.16-9,4.10.16-9,4.10.16-9,4.10.16-9;samba-common-tools - 4.13.3-3,4.10.16-9,4.13.3-3,4.13.3-3,4.13.3-3,4.10.16-9,4.10.16-9;openchange - 2.3-27,2.3-27,2.3-27,2.3-27,2.3-27,2.3-27;ctdb-debuginfo - 4.13.3-3,4.13.3-3;samba-dc-libs - 4.10.16-9,4.10.16-9,4.10.16-9;samba-dc - 4.10.16-9,4.10.16-9,4.10.16-9;openchange-debugsource - 2.3-27,2.3-27;samba-common-libs-debuginfo - 4.13.3-3,4.13.3-3;ctdb-tests-debuginfo - 4.13.3-3,4.13.3-3;ctdb - 4.13.3-3,4.13.3-3,4.10.16-9,4.13.3-3,4.10.16-9,4.13.3-3;samba-libs-debuginfo - 4.13.3-3,4.13.3-3;samba-test-debuginfo - 4.13.3-3,4.13.3-3;samba-krb5-printing - 4.13.3-3,4.10.16-9,4.10.16-9,4.13.3-3,4.10.16-9,4.13.3-3,4.13.3-3;samba-common-libs - 4.10.16-9,4.10.16-9,4.10.16-9,4.10.16-9,4.10.16-9,4.13.3-3,4.13.3-3,4.13.3-3,4.13.3-3;samba-winexe - 4.13.3-3;samba-winbind-clients - 4.13.3-3,4.10.16-9,4.13.3-3,4.13.3-3,4.10.16-9,4.13.3-3,4.10.16-9;samba-krb5-printing-debuginfo - 4.13.3-3,4.13.3-3;libsmbclient-debuginfo - 4.13.3-3,4.13.3-3;samba-test-libs-debuginfo - 4.13.3-3,4.13.3-3;samba-winbind-modules - 4.13.3-3,4.13.3-3,4.13.3-3,4.10.16-9,4.13.3-3,4.10.16-9,4.13.3-3,4.10.16-9,4.10.16-9,4.10.16-9;samba-client-libs-debuginfo - 4.13.3-3,4.13.3-3;samba-client-libs - 4.13.3-3,4.13.3-3,4.10.16-9,4.13.3-3,4.10.16-9,4.10.16-9,4.10.16-9,4.13.3-3,4.10.16-9,4.13.3-3;samba-vfs-glusterfs - 4.10.16-9;python3-samba-debuginfo - 4.13.3-3,4.13.3-3;libsmbclient-devel - 4.10.16-9,4.10.16-9,4.10.16-9,4.10.16-9,4.10.16-9;samba-winbind-krb5-locator-debuginfo - 4.13.3-3,4.13.3-3;samba-libs - 4.13.3-3,4.10.16-9,4.10.16-9,4.13.3-3,4.10.16-9,4.10.16-9,4.13.3-3,4.13.3-3,4.10.16-9,4.13.3-3;samba-pidl - 4.10.16-9,4.13.3-3;samba-test - 4.10.16-9,4.10.16-9,4.10.16-9,4.13.3-3,4.13.3-3,4.13.3-3,4.13.3-3;samba-client - 4.13.3-3,4.13.3-3,4.10.16-9,4.13.3-3,4.13.3-3,4.10.16-9,4.10.16-9
CVE-2017-13088
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsWi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
Publish Date: 2017-10-17
URL: CVE-2017-13088
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-13088
Release Date: 2017-10-17
Fix Resolution: hostapd - 2.6-6;wpa_supplicant - 1:2.6-11
CVE-2017-13087
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsWi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
Publish Date: 2017-10-17
URL: CVE-2017-13087
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-13087
Release Date: 2017-10-17
Fix Resolution: hostapd - 2.6-6;wpa_supplicant - 1:2.6-11
CVE-2017-13080
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsWi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
Publish Date: 2017-10-17
URL: CVE-2017-13080
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-13080
Release Date: 2017-10-17
Fix Resolution: hostapd - 2.6-6;wpa_supplicant - 1:2.6-11
CVE-2017-13081
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsWi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Publish Date: 2017-10-17
URL: CVE-2017-13081
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-13081
Release Date: 2017-10-17
Fix Resolution: hostapd - 2.6-6;wpa_supplicant - 1:2.6-11
CVE-2021-30004
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (2)
/release/src/router/wpa_supplicant/src/tls/x509v3.c
/release/src/router/wpa_supplicant/src/tls/x509v3.c
### Vulnerability DetailsIn wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
Publish Date: 2021-04-02
URL: CVE-2021-30004
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-30004
Release Date: 2021-04-02
Fix Resolution: wpa-supplicant - 2.9
CVE-2017-13079
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsWi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Publish Date: 2017-10-17
URL: CVE-2017-13079
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-13079
Release Date: 2017-10-17
Fix Resolution: hostapd - 2.6-6;wpa_supplicant - 1:2.6-11
CVE-2017-13078
### Vulnerable Libraries - asuswrt-gt-ac5300386.45958, asuswrt-gt-ac5300386.45958
### Vulnerability DetailsWi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
Publish Date: 2017-10-17
URL: CVE-2017-13078
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-13078
Release Date: 2017-10-17
Fix Resolution: hostapd - 2.6-6;wpa_supplicant - 1:2.6-11
CVE-2015-4141
### Vulnerable Library - asuswrt-gt-ac5300386.45958AsusWRT GT-AC5300 router GPL source code
Library home page: https://github.com/blackfuel/asuswrt-gt-ac5300.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (2)
/release/src/router/wpa_supplicant/src/wps/httpread.c
/release/src/router/wpa_supplicant/src/wps/httpread.c
### Vulnerability DetailsThe WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow.
Publish Date: 2015-06-15
URL: CVE-2015-4141
### CVSS 3 Score Details (3.1)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Adjacent - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: Low
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4141
Release Date: 2015-06-15
Fix Resolution: 2.5