Debian Security Advisory
DLA-147-1 wpasupplicant -- LTS security update
- Date Reported:
- 07 Feb 2015
- Affected Packages:
- wpasupplicant
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2014-3686.
- More information:
-
It was discovered that wpasupplicant could be tricked into executing arbitrary commands when calling action scripts.
For Debian 6
Squeeze
, these issues have been fixed in wpasupplicant version 0.6.10-2.1+deb6u1