18 matches found
EUVD-2020-19814
Malware in sbrugna...
Updated hostapd & wpa_supplicant packages fix security vulnerability
The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always used to derive th...
CVE-2023-52424
A flaw was found in the IEEE 802.11 standard. This vulnerability possibly allows an adversary to trick a victim into connecting to an unintended or untrusted network because the SSID is not always used to derive the pairwise master key or session keys and because there is not a protected exchange...
CVE-2023-52424
The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always used to derive th...
CVE-2023-52424
The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always used to derive th...
CVE-2023-52424
CVE-2023-52424 describes an SSID confusion vulnerability in IEEE 802.11 where the SSID is not always used to derive PMK/session keys and the 4‑way handshake may proceed without a protected SSID exchange. An adjacent attacker can lure victims to connect to an unintended/untrusted network using Hom...
New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks
Researchers have discovered a new security vulnerability stemming from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims into connecting to a less secure wireless network and eavesdrop on their network traffic. The SSID Confusion attack, tracked as CVE-2023-52424, impacts all...
Realtek RTL8710 Buffer Overflow Vulnerability
The Realtek RTL8710, an IoT microcontroller from Realtek Semiconductor Taiwan, China, suffers from a buffer overflow vulnerability that could be exploited to send a manual "Encrypted GTK" value as part of a as part of a WPA2 4-way handshake...
CVE-2020-27302
A stack buffer overflow in Realtek RTL8710 and other Ameba-based devices can lead to remote code execution via the "memcpy" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake...
CVE-2020-27301
A stack buffer overflow in Realtek RTL8710 and other Ameba-based devices can lead to remote code execution via the "AESUnWRAP" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake...
Stack overflow
A stack buffer overflow in Realtek RTL8710 and other Ameba-based devices can lead to remote code execution via the "AESUnWRAP" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake...
CVE-2020-27302
A stack buffer overflow in Realtek RTL8710 and other Ameba-based devices can lead to remote code execution via the "memcpy" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake...
Security update for connman (moderate)
openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2021:0452-1 Rating: moderate References: 1181751 Cross-References: CVE-2021-26675 CVE-2021-26676 CVSS scores: CVE-2021-26675 NVD : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-26676 NVD : 6.5...
Key Reinstallation Attack (KRACK)
WPA and WPA2 are vulnerable to key reinstallation attacks KRACK. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key GTK during a 4-way handshake...
FreeBSD : wpa_supplicant -- unauthenticated encrypted EAPOL-Key data (6bedc863-9fbe-11e8-945f-206a8a720317)
SO-AND-SO reports : A vulnerability was found in how wpasupplicant processes EAPOL-Key frames. It is possible for an attacker to modify the frame in a way that makes wpasupplicant decrypt the Key Data field without requiring a valid MIC value in the frame, i.e., without the frame being...
Internet Bug Bounty: Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse
Full background information is at krackattacks.com and all detailed information can be found in our research paper. Key Reinstallation Attack: 4-way handshake example We use the 4-way handshake to illustrate the idea behind key reinstallation attacks CVE-2017-13077. Note that in practice, all...
KRACK: WPA2 series of vulnerabilities in the event of early warning-vulnerability warning-the black bar safety net
2017 10 on 16 September, called KRACK vulnerability flaws bug invasion attack method is expressed, for WiFi+WPA2 collect intrusion attack. KRACK tension is the application of 802. 11i 4-way handshake vulnerability in the flaws bug to the ultimate completion of the decryption and fabricated...
Debian Security Advisory DSA 3503-1 (linux - security update)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss. CVE-2013-4312 Tetsuo Handa discovered that users can use pipes queued on local Unix sockets to allocate an unfair share of kernel memory,...