CVE-2018-5797

The CVE-2018-5797 entry concerns Extreme Networks ExtremeWireless WiNG (versions 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3). The root cause is a hardcoded Smint_encrypt AES key which can be used to decrypt packets and obtain cleartext credentials. This affects devices where an attacker has acce...

Cisco IP Phone 8861 Multiple WPA2 Vulnerabilities

Cisco IP Phone 8861 is prone to key reinstallation attacks against WPA protocol. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

WPA2 Wireless Network STK Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. WPA2 wireless networks suffer from a group key reload vulnerability in the PeerKey handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to caus...

WPA2 Wireless Network Hibernation Mode Group Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. A group key reload vulnerability exists in the WPA2 wireless network hibernation mode. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to cause rando...

WPA2 Wireless Network PTK-TK Encryption Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. WPA2 wireless networks suffer from a PTK-TK key reloading vulnerability in the fourth handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to...

WPA2 Wireless Network IGTK Group Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. An IGTK group key reload vulnerability exists in the WPA2 wireless network fourth handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to cause...

WPA2 wireless network IGTK group key reloading vulnerability (CNVD-2017-30402)

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. An IGTK group key reload vulnerability exists in WPA2 wireless networks. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to cause random number and...

WPA2 Wireless Network GTK Group Key Reinstallation Vulnerability (CNVD-2017-30403)

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. A GTK group key reload vulnerability exists in WPA2 wireless networks. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to cause random number and...

WPA2 Wireless Network PTK-TK Encryption Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. A PTK-TK encryption key reloading vulnerability exists in WPA2 wireless networks when receiving and processing retransmitted fast BSS transition re-association requests. The vulnerability is due to the fact that...

WPA2 Wireless Network TPK Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. A TPK key vulnerability exists in WPA2 wireless networks when reinstalling a tunneled direct connection setting PeerKey in the TDLS handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II...

WPA2 Wireless Network Hibernation Mode IGTK Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. An IGTK key integrity reload vulnerability exists in the WPA2 wireless network hibernation mode. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to...

Cisco Aironet Access Points Multiple WPA2 Vulnerabilities

Cisco Aironet Access Points are prone to key reinstallation attacks against WPA protocol. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Th...

Cisco Wireless IP Phone 8821 Multiple WPA2 Vulnerabilities

Cisco Wireless IP Phone 8821 is prone to key reinstallation attacks against WPA protocol. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse

Overview Wi-Fi Protected Access WPA, more commonly WPA2 handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point AP or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to...

Netgear D6000 and D3600 Hardcoded RSA Key Vulnerability

The Netgear D6000 and D3600 are wireless router products from American Netgear. The Netgear D6000 and D3600 device firmware uses hard-coded RSA keys, which allows remote attackers to exploit the vulnerability to conduct a man-in-the-middle attack with the keys, gain administrator access, and...

CVE-2005-2532

OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service client disconnection via a large number of packets that can not be decrypted...