Vulnerabilities > CVE-2016-10743 - Insufficient Entropy in PRNG vulnerability in W1.Fi Hostapd

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
w1-fi
CWE-332
nessus

Summary

hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-2138.NASL
    descriptionSimilar to CVE-2016-10743 the host access point daemon, hostapd, in EAP mode used a low quality pseudorandom number generator that leads to insufficient entropy. The problem was resolved by using the os_get_random function which provides cryptographically strong pseudo random data. For Debian 8
    last seen2020-03-17
    modified2020-03-12
    plugin id134430
    published2020-03-12
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134430
    titleDebian DLA-2138-1 : wpa security update
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3944-1.NASL
    descriptionIt was discovered that wpa_supplicant and hostapd were vulnerable to a side channel attack against EAP-pwd. A remote attacker could possibly use this issue to recover certain passwords. (CVE-2019-9495) Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly validated received scalar and element values in EAP-pwd-Commit messages. A remote attacker could possibly use this issue to perform a reflection attack and authenticate without the appropriate password. (CVE-2019-9497, CVE-2019-9498, CVE-2019-9499) It was discovered that hostapd incorrectly handled obtaining random numbers. In rare cases where the urandom device isn
    last seen2020-06-01
    modified2020-06-02
    plugin id123999
    published2019-04-11
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123999
    titleUbuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : wpa vulnerabilities (USN-3944-1)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1733.NASL
    descriptionIt was found that the fallback mechanism for generating a WPS pin in hostapd, an IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator, used a low quality pseudorandom number generator. This was resolved by using only the high quality os_get_random function. For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id123470
    published2019-03-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123470
    titleDebian DLA-1733-1 : wpa security update