FreeBSD : FreeBSD -- Unauthenticated EAPOL-Key Decryption Vulnerability (45671c0e-a652-11e8-805b-a4badb2f4699)
Low Nessus Plugin ID 112071
SynopsisThe remote FreeBSD host is missing one or more security-related
DescriptionWhen using WPA2, EAPOL-Key frames with the Encrypted flag and without
the MIC flag set, the data field was decrypted first without verifying
the MIC. When the dta field was encrypted using RC4, for example, when
negotiating TKIP as a pairwise cipher, the unauthenticated but
decrypted data was subsequently processed. This opened
wpa_supplicant(8) to abuse by decryption and recovery of sensitive
information contained in EAPOL-Key messages.
for a detailed description of the bug. Impact : All users of the WPA2
TKIP pairwise cipher are vulnerable to information, for example, the
SolutionUpdate the affected packages.