CVE-2017-13081

Sažetak

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Reference

http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
http://www.debian.org/security/2017/dsa-3999
http://www.kb.cert.org/vuls/id/228519
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.securityfocus.com/bid/101274
http://www.securitytracker.com/id/1039573
http://www.securitytracker.com/id/1039576
http://www.securitytracker.com/id/1039577
http://www.securitytracker.com/id/1039578
http://www.securitytracker.com/id/1039581
http://www.securitytracker.com/id/1039585
http://www.ubuntu.com/usn/USN-3455-1
https://access.redhat.com/security/vulnerabilities/kracks
https://cert.vde.com/en-us/advisories/vde-2017-005
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc
https://security.gentoo.org/glsa/201711-03
https://source.android.com/security/bulletin/2017-11-01
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://www.krackattacks.com/

CVSS

Base:	2.9
Impact:	2.9
Exploitability:	5.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:A/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

03-10-2019 - 00:03

Objavljeno

17-10-2017 - 13:29