17 matches found
Protect
On May 11th, 2021, Mathy Vanhoef New York University Abu Dhabi published a new paper, Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation, on a number of vulnerabilities in the base 802.11 protocol 802.11 is the standard that Wi-Fi is built on. The paper discloses three...
FragAttack: New Wi-Fi vulnerabilities that affect… basically everything
A new set of vulnerabilities with an aggressive name and their own website almost always bodes ill. The name FragAttack is a contraction of fragmentation and aggregation attacks, which immediately indicates the main area where the vulnerabilities were found. The vulnerabilities are mostly in how...
‘FragAttacks’: Wi-Fi Bugs Affect Millions of Devices
A Belgian security researcher specializing in Wi-Fi bugs has unearthed a clutch of new ones, which he called FragAttacks, that affect the Wi-Fi standard itself. The name is short for “fragmentation and aggregation attacks.” Some bugs date back to 1997, meaning that computers, smartphones or other...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : wpa_supplicant and hostapd vulnerabilities (USN-3944-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3944-1 advisory. It was discovered that wpasupplicant and hostapd were vulnerable to a side channel attack against EAP- pwd. A remote attacker cou...
USN-3944-1: wpa_supplicant and hostapd vulnerabilities
It was discovered that wpasupplicant and hostapd were vulnerable to a side channel attack against EAP-pwd. A remote attacker could possibly use this issue to recover certain passwords. CVE-2019-9495 Mathy Vanhoef discovered that wpasupplicant and hostapd incorrectly validated received scalar and...
About the security content of Wi-Fi Update for Boot Camp 6.4.0 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
About the security content of Wi-Fi Update for Boot Camp 6.4.0
About the security content of Wi-Fi Update for Boot Camp 6.4.0 This document describes the security content of Wi-Fi Update for Boot Camp 6.4.0. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has...
About the security content of AirPort Base Station Firmware Update 7.7.9 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
About the security content of AirPort Base Station Firmware Update 7.6.9
About the security content of AirPort Base Station Firmware Update 7.6.9 This document describes the security content of AirPort Base Station Firmware Update 7.6.9. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an...
Rockwell Automation Patches Wireless Access Point against Krack
Rockwell Automation has patched its Stratix wireless access point against the KRACK vulnerability, joining a growing list of vendors in the commercial and industrial controls spaces moving quickly to reduce their exposure. Most major vendors have similarly patched their products, some prior to th...
RedHat Update for wpa_supplicant RHSA-2017:2911-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: wpa_supplicant security update
An update for wpasupplicant is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: wpa_supplicant security update
An update for wpasupplicant is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Vulnerability in WPA2 Protocol Allows Attackers to Intercept and Decrypt Encrypted Data Traffic
By Waqas According to cyber-security researchers Frank Piessens and Mathy Vanhoef from This is a post from HackRead.com Read the original post: Vulnerability in WPA2 Protocol Allows Attackers to Intercept and Decrypt Encrypted Data Traffic...
Ubuntu 14.04 LTS / 16.04 LTS : wpa_supplicant and hostapd vulnerabilities (USN-3455-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3455-1 advisory. Mathy Vanhoef discovered that wpasupplicant and hostapd incorrectly handled WPA2. A remote attacker could use this issue with key...
Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2135-1)
Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...
USN-2134-1: Linux kernel (OMAP4) vulnerabilities
Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported an error in the Linux Kernel's Kernel Virtual Machine KVM...