DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
hostapd/src
History
Mathy Vanhoef d63edfa902 EAP-pwd server: Detect reflection attacks 
When processing an EAP-pwd Commit frame, verify that the peer's scalar
and elliptic curve element differ from the one sent by the server. This
prevents reflection attacks where the adversary reflects the scalar and
element sent by the server. (CVE-2019-9497)

The vulnerability allows an adversary to complete the EAP-pwd handshake
as any user. However, the adversary does not learn the negotiated
session key, meaning the subsequent 4-way handshake would fail. As a
result, this cannot be abused to bypass authentication unless EAP-pwd is
used in non-WLAN cases without any following key exchange that would
require the attacker to learn the MSK.

Signed-off-by: Mathy Vanhoef <mathy.vanhoef@nyu.edu>
2019-04-09 17:11:15 +03:00
..
ap AP: Avoid NULL use with snprintf string 2019-04-06 18:49:26 +03:00
common SAE: Fix confirm message validation in error cases 2019-04-09 17:11:15 +03:00
crypto OpenSSL: Use constant time selection for crypto_bignum_legendre() 2019-04-09 17:11:15 +03:00
drivers nl80211: Add SAE, FT-SAE, FT-EAP-SHA384 AKMs in connect request 2019-04-05 21:02:37 +03:00
eap_common EAP-pwd: Use constant time and memory access for finding the PWE 2019-04-09 17:11:15 +03:00
eap_peer Extend domain_match and domain_suffix_match to allow list of values 2019-04-09 16:24:38 +03:00
eap_server EAP-pwd server: Detect reflection attacks 2019-04-09 17:11:15 +03:00
eapol_auth Add hostapd tls_flags parameter 2017-09-18 12:12:48 +03:00
eapol_supp More robust timer_tick_enabled tracking 2019-03-13 23:33:41 +02:00
fst UBSan: Define FST LLT macros without integer overflow 2019-02-25 19:48:49 +02:00
l2_packet wpa_supplicant: Don't reply to EAPOL if pkt_type is PACKET_OTHERHOST 2018-04-02 12:21:27 +03:00
p2p WPS: Add multi_ap_subelem to wps_build_wfa_ext() 2019-02-18 20:30:26 +02:00
pae UBSan: Pack MACsec peer id structure 2019-02-25 19:48:49 +02:00
radius RADIUS server: Accept ERP keyName-NAI as user identity 2019-04-09 00:10:20 +03:00
rsn_supp Add AKM info in the debug message noting PMKSA caching entry addition 2019-03-27 04:02:19 +02:00
tls TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
utils Add helper functions for constant time operations 2019-04-09 17:11:15 +03:00
wps Multi-AP: Avoid memcpy(ptr, NULL, 0) in WPS Registrar initialization 2019-02-23 11:37:20 +02:00
lib.rules tests: TLS fuzzing tool 2019-02-11 02:35:29 +02:00
Makefile FST: Add the Fast Session Transfer (FST) module 2015-07-16 18:26:15 +03:00