Gentoo Linux Security Advisory 201606-17 - Multiple vulnerabilities have been found in hostapd and wpa_supplicant, allowing remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 2.5 are affected.
5d7af6d69f7d7ea29cb1b7d706cf8f37dc0cd7148f64745c77580d11fd656dde
Mandriva Linux Security Advisory 2015-120 - A vulnerability was found in the mechanism wpa_cli and hostapd_cli use for executing action scripts. An unsanitized string received from a remote device can be passed to a system() call resulting in arbitrary command execution under the privileges of the wpa_cli/hostapd_cli process (which may be root in common use cases. Using the Mandriva wpa_supplicant package, systems are exposed to the vulnerability if operating as a WPS registrar.
ce79535d525247ae701a512f6701feaf970e965a4ae177cdd17bfbae1cfeae0b
Slackware Security Advisory - New wpa_supplicant packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues.
4ab5c91d6854aae0b005cfc718bf4de57a47cea8403b0f17395d89daf5abca1e
Red Hat Security Advisory 2014-1956-01 - The wpa_supplicant package contains an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. It implements key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A command injection flaw was found in the way the wpa_cli utility executed action scripts. If wpa_cli was run in daemon mode to execute an action script, and wpa_supplicant was configured to connect to a P2P group, malicious P2P group parameters could cause wpa_cli to execute arbitrary code.
b933e9611731ac1432b26aaa5d1d25378751279fdd0e0f3c9dcace24d5ce5efa
Mandriva Linux Security Advisory 2014-211 - A vulnerability was found in the mechanism wpa_cli and hostapd_cli use for executing action scripts. An unsanitized string received from a remote device can be passed to a system() call resulting in arbitrary command execution under the privileges of the wpa_cli/hostapd_cli process (which may be root in common use cases. Using the wpa_supplicant package, systems are exposed to the vulnerability if operating as a WPS registrar.
8619ba2bae6b067797e91bc86b72d26d9bce9183aca7bbedd6fa6eb909629efb
Debian Linux Security Advisory 3052-1 - Jouni Malinen discovered an input sanitization issue in the wpa_cli and hostapd_cli tools included in the wpa package. A remote wifi system within range could provide a crafted string triggering arbitrary code execution running with privileges of the affected wpa_cli or hostapd_cli process.
753b9e912256fa78da742abe670ee67537c6c4abcae01ccf1d07b62619d1837f
Ubuntu Security Notice 2383-1 - Jouni Malinen discovered that the wpa_cli tool incorrectly sanitized strings when being used with action scripts. A remote attacker could possibly use this issue to execute arbitrary commands.
dbfd203da2ea58a90e3d9c51a8330c4fa80c392048e1e661ceaa5c6d90ba8c8b