Navigation
|
|
| Problem Description |
Hostapd 0.3.7 allows remote attackers to cause a denial of service
(segmentation fault) via an unspecified value in the key_data_length
field of an EAPoL frame.
Packages have been patched to correct this issue.
| Updated Packages |
Mandriva Linux LE2005
9154a5005bc66dae4528cd3008dbca09 10.2/RPMS/hostapd-0.3.7-2.1.102dk.i586.rpm 699e613fea4270c79ee1849d96f1ee03 10.2/SRPMS/hostapd-0.3.7-2.1.102dk.src.rpm
Mandriva Linux LE2005/X86_64
810b867b9562b11ce4ecb6ab7e3bd352 x86_64/10.2/RPMS/hostapd-0.3.7-2.1.102dk.x86_64.rpm 699e613fea4270c79ee1849d96f1ee03 x86_64/10.2/SRPMS/hostapd-0.3.7-2.1.102dk.src.rpm
Mandriva Linux 2006
4d85ab25bff640f3176c5bb55ddcc214 2006.0/RPMS/hostapd-0.3.7-2.1.20060mdk.i586.rpm fe727611379d2f48798361d8d2be4bc1 2006.0/SRPMS/hostapd-0.3.7-2.1.20060mdk.src.rpm
Mandriva Linux 2006/X86_64
a1952ce345775472df1aa7636fd7b5cc x86_64/2006.0/RPMS/hostapd-0.3.7-2.1.20060mdk.x86_64.rpm fe727611379d2f48798361d8d2be4bc1 x86_64/2006.0/SRPMS/hostapd-0.3.7-2.1.20060mdk.src.rpm
| References |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2213
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.