DSA-3999-1 wpa -- wpaID: oval:org.secpod.oval:def:603131 | Date: (C)2017-10-17 (M)2023-12-20 |
Class: PATCH | Family: unix |
Mathy Vanhoef of the imec-DistriNet research group of KU Leuven discovered multiple vulnerabilities in the WPA protocol, used for authentication in wireless networks. Those vulnerabilities applies to both the access point and the station . An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2. More information can be found in the researchers"s paper, Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake CVE-2017-13078: reinstallation of the group key in the Four-way handshake CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake CVE-2017-13080: reinstallation of the group key in the Group Key handshake CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup PeerKey key in the TDLS handshake CVE-2017-13087: reinstallation of the group key when processing a Wireless Network Management Sleep Mode Response frame CVE-2017-13088: reinstallation of the integrity group key when processing a Wireless Network Management Sleep Mode Response frame
Platform: |
Debian 8.x |
Debian 9.x |
Product: |
hostapd |
wpagui |
wpasupplicant |