FreeBSD : FreeBSD -- WPA2 protocol vulnerability (1f8de723-dab3-11e7-b5af-a4badb2f4699)

Medium Nessus Plugin ID 105063

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

Impact: Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?997801f5

Plugin Details

Severity: Medium

ID: 105063

File Name: freebsd_pkg_1f8de723dab311e7b5afa4badb2f4699.nasl

Version: $Revision: 3.2 $

Type: local

Published: 2017/12/07

Modified: 2018/01/31

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSSv3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:FreeBSD, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info, Settings/ParanoidReport

Patch Publication Date: 2017/12/06

Vulnerability Publication Date: 2017/10/16

Reference Information

CVE: CVE-2017-1307, CVE-2017-1308

FreeBSD: SA-17:07.wpa