Scientific Linux Security Update : wpa_supplicant on SL7.x x86_64 (KRACK)
Medium Nessus Plugin ID 103960
Synopsis
The remote Scientific Linux host is missing one or more security updates.
Description
Security Fix(es) :
- A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Solution
Update the affected wpa_supplicant and / or wpa_supplicant-debuginfo packages.