An out-of-bounds read flaw related to the assess_packet function in eapmd5pass.c:134 was found in the way eapmd5pass 1.4 handled processing of network packets. A remote attacker could potentially use this flaw to crash the eapmd5pass process under certain circumstances by generating specially crafted network traffic.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eapmd5pass_project | eapmd5pass | 1.4 |
An out-of-bounds read flaw related to the assess_packet function in eapmd5pass.c:211 was found in the way eapmd5pass 1.4 handled processing of network packets. A remote attacker could potentially use this flaw to crash the eapmd5pass process under certain circumstances by generating specially crafted network traffic.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eapmd5pass_project | eapmd5pass | 1.4 |
A length validation (leading to out-of-bounds read and write) flaw was found in the way eapmd5pass 1.4 handled network traffic in the extract_eapusername function. A remote attacker could potentially use this flaw to crash the eapmd5pass process by generating specially crafted network traffic.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eapmd5pass_project | eapmd5pass | 1.4 |