avoid key reinstallation (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086,
CVE-2017-13087, CVE-2017-13088)

OSVersionArchitecturePackageVersionFilename
oracle linux7srcwpa_supplicant< 2.6-5.el7_4.1wpa_supplicant-2.6-5.el7_4.1.src.rpm
oracle linux7x86_64wpa_supplicant< 2.6-5.el7_4.1wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	7	src	wpa_supplicant	< 2.6-5.el7_4.1	wpa_supplicant-2.6-5.el7_4.1.src.rpm
oracle linux	7	x86_64	wpa_supplicant	< 2.6-5.el7_4.1	wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm

mageia 3

ics 11

osv 8

nvidia 1

openvas 39

nessus 46

freebsd_advisory 1

archlinux 2

debian 3

fedora 6

intel 2

f5 1

thn 1

cisco 1

slackware 1

fortinet 1

redhatcve 5

oraclelinux 1

redhat 2

hackerone 1

myhack58 1

gentoo 1

freebsd 1

huawei 1

centos 2

ibm 1

suse 8

lenovo 2

ubuntu 2

hp 4

cert 1

apple 8

cloudfoundry 1

ubuntucve 8

cve 5

alpinelinux 6

threatpost 1

debiancve 4

prion 3

veracode 3

mageia

Updated wpa_supplicant and hostapd packages fix security vulnerabilities

2017-10-19 21:14:02

Updated nonfree firmware packages fixes security vulnerabilities

2018-07-25 11:24:17

Updated nonfree firmwares fixes security issues and adds new hw support

2017-12-28 16:16:56

ics

Stryker Medical Beds

2019-01-29 12:00:00

PEPPERL+FUCHS/ecom instruments WLAN Capable Devices using the WPA2 Protocol

2017-12-19 12:00:00

BD Pyxis

2018-04-24 12:00:00

osv

wpa - security update

2017-10-31 00:00:00

wpa - security update

2017-10-16 00:00:00

firmware-nonfree - security update

2018-11-10 00:00:00

nvidia

Security Bulletin: NVIDIA Linux for Tegra (L4T) “KRACK” vulnerabilities

2017-12-20 00:00:00

openvas

Fedora Update for hostapd FEDORA-2017-fc21e3856b

2017-11-23 00:00:00

Fedora Update for hostapd FEDORA-2017-cfb950d8f4

2017-11-23 00:00:00

Debian: Security Advisory (DSA-3999-1)

2017-10-15 00:00:00

nessus

EulerOS 2.0 SP2 : wpa_supplicant (EulerOS-SA-2017-1242)

2017-11-16 00:00:00

Debian DSA-3999-1 : wpa - security update (KRACK)

2017-10-17 00:00:00

EulerOS 2.0 SP1 : wpa_supplicant (EulerOS-SA-2017-1241)

2017-11-16 00:00:00

freebsd_advisory

FreeBSD-SA-17:07.wpa

2017-10-17 00:00:00

archlinux

[ASA-201710-22] wpa_supplicant: man-in-the-middle

2017-10-16 00:00:00

[ASA-201710-23] hostapd: man-in-the-middle

2017-10-16 00:00:00

debian

[SECURITY] [DSA 3999-1] wpa security update

2017-10-16 09:20:15

[SECURITY] [DLA 1150-1] wpa security update

2017-10-31 14:48:26

[SECURITY] [DLA 1573-1] firmware-nonfree security update

2018-11-13 01:33:10

fedora

[SECURITY] Fedora 26 Update: wpa_supplicant-2.6-11.fc26

2017-10-16 17:59:17

[SECURITY] Fedora 27 Update: wpa_supplicant-2.6-11.fc27

2017-10-17 00:20:50

[SECURITY] Fedora 25 Update: hostapd-2.6-6.fc25

2017-11-15 22:30:40

intel

One or more Intel Products affected by the Wi-Fi Protected Access II (WPA2) protocol vulnerability

2017-12-07 00:00:00

Frame replay vulnerability in Wi-Fi subsystem in Intel® Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle

2017-12-07 00:00:00

K23642330 : Multiple WPA2 vulnerabilities (KRACK)

2017-10-17 00:00:00

thn

KRACK Demo: Critical Key Reinstallation Attack Against Widely-Used WPA2 Wi-Fi Protocol

2017-10-15 23:21:00

cisco

Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II

2017-10-16 14:00:00

slackware

[slackware-security] wpa_supplicant

2017-10-18 19:36:09

fortinet

Key Reinstallation Attacks: Cryptographic/protocol attack against WPA2

2017-10-16 00:00:00

redhatcve

CVE-2017-13077

2019-10-08 10:15:50

CVE-2017-13086

2017-10-16 09:49:56

CVE-2017-13082

2017-10-16 09:49:15

oraclelinux

wpa_supplicant security update

2017-10-18 00:00:00

redhat

(RHSA-2017:2907) Important: wpa_supplicant security update

2017-10-17 20:14:23

(RHSA-2017:2911) Important: wpa_supplicant security update

2017-10-18 15:43:19

hackerone

Internet Bug Bounty: Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse

2017-11-02 22:08:43

myhack58

KRACK: WPA2 series of vulnerabilities in the event of early warning-vulnerability warning-the black bar safety net

2017-10-18 00:00:00

gentoo

hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks

2017-11-10 00:00:00

freebsd

WPA packet number reuse with replayed messages and key reinstallation

2017-10-16 00:00:00

huawei

Security Advisory - Multiple Vulnerabilities of WPA and WPA2 Protocol in Some Huawei Products

2017-11-17 00:00:00

centos

wpa_supplicant security update

2017-10-17 21:54:54

wpa_supplicant security update

2017-10-18 16:57:30

ibm

Security Bulletin: Vulnerabilities in wpa_supplicant affect PowerKVM (KRACK)

2018-06-18 01:39:24

suse

Security update for wpa_supplicant (important)

2017-10-17 18:11:19

Security update for wpa_supplicant (important)

2017-10-17 21:07:43

Security update for wpa_supplicant (important)

2017-10-18 15:07:12

lenovo

WPA2 Protocol Vulnerabilities - US

2018-12-18 15:12:07

WPA2 Protocol Vulnerabilities - Lenovo Support US

2018-12-18 15:12:07

ubuntu

wpa_supplicant and hostapd vulnerabilities

2017-10-16 00:00:00

Linux firmware vulnerabilities

2017-12-06 00:00:00

HPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products

2018-01-12 00:00:00

HP Printing Security Advisory - KRACK Attacks Potential Vulnerabilities

2018-01-09 00:00:00

HPSBHF03582 rev. 2 - KRACK Vulnerability Affecting WPA2 Wireless Security

2018-04-03 00:00:00

cert

Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse

2017-10-16 00:00:00

apple

About the security content of Wi-Fi Update for Boot Camp 6.4.0

2018-07-05 00:00:00

About the security content of Wi-Fi Update for Boot Camp 6.4.0 - Apple Support

2018-07-05 10:02:49

About the security content of AirPort Base Station Firmware Update 7.6.9

2017-12-12 00:00:00

cloudfoundry

USN-3505-1: Linux firmware vulnerabilities | Cloud Foundry

2017-12-14 00:00:00

ubuntucve

CVE-2017-5729

2017-11-21 00:00:00

CVE-2017-13086

2017-10-16 00:00:00

CVE-2017-13082

2017-10-16 00:00:00

cve

CVE-2017-13086

2017-10-17 13:29:00

CVE-2017-13088

2017-10-17 13:29:00

CVE-2017-13087

2017-10-17 13:29:00

alpinelinux

CVE-2017-13086

2017-10-17 13:29:00

CVE-2017-13087

2017-10-17 13:29:00

CVE-2017-13079

2017-10-17 13:29:00

threatpost

Cisco Warns 69 Products Impacted by KRACK

2017-10-20 07:00:59

debiancve

CVE-2017-13079

2017-10-17 13:29:00

CVE-2017-13088

2017-10-17 13:29:00

CVE-2017-13087

2017-10-17 13:29:00

prion

Authentication flaw

2017-10-17 13:29:00

Authentication flaw

2017-10-17 13:29:00

Authentication flaw

2017-10-17 13:29:00

veracode

Key Reinstallation Attack (KRACK)

2019-05-16 01:48:06

Key Reinstallation Attack (KRACK)

2019-05-16 01:48:06

Spoofable Frames

2020-09-21 06:30:54

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

8.1 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

5.8 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

66.2%

JSON

Related for ELSA-2017-2907