FreeBSD : FreeBSD -- WPA2 protocol vulnerability (1f8de723-dab3-11e7-b5af-a4badb2f4699)

medium Nessus Plugin ID 105063

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

Impact: Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker, depending on which cipher is used.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?33cb8299

Plugin Details

Severity: Medium

ID: 105063

File Name: freebsd_pkg_1f8de723dab311e7b5afa4badb2f4699.nasl

Version: 3.4

Type: local

Published: 12/7/2017

Updated: 1/4/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:freebsd, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info, Settings/ParanoidReport

Patch Publication Date: 12/6/2017

Vulnerability Publication Date: 10/16/2017

Reference Information

CVE: CVE-2017-1307, CVE-2017-1308

FreeBSD: SA-17:07.wpa