[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2017:2911-01 -- Redhat wpa_supplicant

ID: oval:org.secpod.oval:def:502152Date: (C)2017-10-19   (M)2023-12-20
Class: PATCHFamily: unix




The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 , and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. Security Fix: * A new exploitation technique called key reinstallation attacks affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef as the original reporter of these issues.

Platform:
Red Hat Enterprise Linux 6
Product:
wpa_supplicant
Reference:
RHSA-2017:2911-01
CVE-2017-13077
CVE-2017-13078
CVE-2017-13080
CVE-2017-13087
CVE    4
CVE-2017-13087
CVE-2017-13077
CVE-2017-13078
CVE-2017-13080
...
CPE    2
cpe:/o:redhat:enterprise_linux:6
cpe:/a:w1.fi:wpa_supplicant

© SecPod Technologies