Huawei EulerOS: Security Advisory for wpa_supplicant (EulerOS-SA-2019-1414)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for wpa_supplicant (EulerOS-SA-2017-1242)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.1.0 : wpa_supplicant (EulerOS-SA-2019-1414)

According to the versions of the wpasupplicant package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 through 2.6. Under certain conditions, the integri...

Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products (Update F)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Exploitable remotely/low skill level to exploit/public exploits are available. Vendor : Siemens Equipment : SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products Vulnerabilities : Security Features 2. UPDATE INFORMATION This updated advisory is a...

Virtuozzo 6 : wpa_supplicant (VZLSA-2017-2911)

An update for wpasupplicant is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

About the security content of Wi-Fi Update for Boot Camp 6.4.0

About the security content of Wi-Fi Update for Boot Camp 6.4.0 This document describes the security content of Wi-Fi Update for Boot Camp 6.4.0. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has...

Fedora 27 : 1:wpa_supplicant (2017-f45e844a85) (KRACK)

Fix the for the Key Reinstallation Attacks ========================================== - hostapd: Avoid key reinstallation in FT handshake CVE-2017-13082 - Fix PTK rekeying to generate a new ANonce - Prevent reinstallation of an already in-use group key and extend protection of GTK/IGTK...

About the security content of AirPort Base Station Firmware Update 7.6.9 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

Ubuntu: Security Advisory (USN-3505-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3505-1: Linux firmware vulnerabilities

Mathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. CVE-2017-13080, CVE-2017-13081...

Multiple AVM FRITZ!Box WPA2 Key Reinstallation Vulnerabilities - KRACK

WPA2 as used in several models of the AVM FRITZ!Box are prone to multiple security weaknesses aka Key Reinstallation Attacks KRACK. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Virtuozzo 7 : wpa_supplicant (VZLSA-2017-2907)

An update for wpasupplicant is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products (Update C)

CVSS v3 6.8 Vendor: Siemens Equipment: SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products Vulnerabilities: Security Features UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-318-01B Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products that was...

Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products (Update B)

CVSS v3 6.8 Vendor: Siemens Equipment: SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products Vulnerabilities: Security Features UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-318-01A Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products that was...

ABB TropOS (Update A)

CVSS v3 6.8 Vendor: ABB Equipment: TropOS Vulnerabilities: Security Features UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-318-02 ABB TropOS that was published November 14, 2017, on the NCCIC/ICS-CERT website. AFFECTED PRODUCTS ABB reports that th...

About the security content of tvOS 11.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

Internet Bug Bounty: Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse

Full background information is at krackattacks.com and all detailed information can be found in our research paper. Key Reinstallation Attack: 4-way handshake example We use the 4-way handshake to illustrate the idea behind key reinstallation attacks CVE-2017-13077. Note that in practice, all...

About the security content of watchOS 4.1

About the security content of watchOS 4.1 This document describes the security content of watchOS 4.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

About the security content of tvOS 11.1

About the security content of tvOS 11.1 This document describes the security content of tvOS 11.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

Cisco IP Phone 8865 Multiple WPA2 Vulnerabilities

Cisco IP Phone 8865 is prone to key reinstallation attacks against WPA protocol. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...