[PATCH] WPS: fix nonce comparisons
Baruch Siach
baruch
Mon Aug 13 22:48:11 PDT 2012
Hi Eyal,
On Mon, Aug 13, 2012 at 04:26:13AM +0300, Eyal Shapira wrote:
> Multiple memcmps of nonces were actually comparing
> only the first byte instead of all 16 bytes.
Looks like a serious security bug.
Do you know what the security implications of this bug are? What versions of
hostap are affected? What configurations? Is it WPS specific?
baruch
> Signed-hostap: Eyal Shapira <eyal at wizery.com>
> ---
--
http://baruch.siach.name/blog/ ~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
- baruch at tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -
More information about the Hostap
mailing list