Hostapd ‘hostapd.conf’ Configuration File Insecure File Permissions Vulnerability


hostapd is prone to an insecure file-permission vulnerability.


The original article can be found at:


Vulnerable Systems:
 * Red Hat Fedora 17
 * Red Hat Fedora 16
 * Mandriva Linux Mandrake 2011 x86_64
 * Mandriva Linux Mandrake 2011

A local attacker can exploit this issue to obtain potentially sensitive information such as credentials for PSKs and shared radius secrets. Information obtained may aid in further attacks.

CVE Information:

Disclosure Timeline:
Published: May 23 2012 12:00AM
Updated: Oct 22 2012 11:30AM

Categories: News