New wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

The remote host is affected by the vulnerability described in GLSA-201711-03 (hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks)

    WiFi Protected Access (WPA and WPA2) and it&rsquo;s associated technologies       are all vulnerable to the KRACK attacks. Please review the referenced CVE       identifiers for details.
  Impact :

    An attacker can carry out the KRACK attacks on a wireless network in       order to gain access to network clients. Once achieved, the attacker can       potentially harvest confidential information (e.g. HTTP/HTTPS), inject       malware, or perform a myriad of other attacks.
  Workaround :

    There is no known workaround at this time.

According to its self-reported version, the remote networking device is running a version of MikroTik 6.9.X prior to 6.39.3, 6.40.x < 6.40.4, or 6.41rc. It, therefore, vulnerable to multiple vulnerabilities discovered in the WPA2 handshake protocol.

According to its self-reported version, the remote networking device is running a version of UniFi OS prior to 3.9.3.7537. It, therefore, vulnerable to multiple vulnerabilities discovered in the WPA2 handshake protocol.

According to its self-reported version, the Cisco ASA with FirePOWER Services is affected by multiple vulnerabilities related to the KRACK attack. Please see the included Cisco BIDs and the Cisco Security Advisory for more information.

wpa_supplicant developers report :

A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

According to its self-reported version number, the remote pfSense install is affected by multiple vulnerabilities as stated in the referenced vendor advisories.

ID	Name	Product	Family	Published	Updated	Severity
103944	Slackware 14.0 / 14.1 / 14.2 / current : wpa_supplicant (SSA:2017-291-02) (KRACK)	Nessus	Slackware Local Security Checks	10/19/2017	1/14/2021	high
104511	GLSA-201711-03 : hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks (KRACK)	Nessus	Gentoo Local Security Checks	11/13/2017	1/11/2021	high
103857	MikroTik RouterOS < 6.39.3 / 6.40.4 / 6.41rc (KRACK)	Nessus	Misc.	10/16/2017	4/11/2022	high
103875	Ubiquiti Networks UniFi < 3.9.3.7537 (KRACK)	Nessus	Misc.	10/17/2017	11/12/2019	high
103856	Cisco ASA FirePOWER Services Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II (KRACK)	Nessus	CISCO	10/16/2017	12/20/2019	high
103862	FreeBSD : WPA packet number reuse with replayed messages and key reinstallation (d670a953-b2a1-11e7-a633-009c02a2ab30) (KRACK)	Nessus	FreeBSD Local Security Checks	10/17/2017	1/4/2021	high
109037	pfSense < 2.3.5 Multiple Vulnerabilities (KRACK)	Nessus	Firewalls	4/13/2018	5/8/2020	critical

Detections

Analytics

Plugins Search

high

high

high

high

high

high

critical