Vulnerabilità: CVE-2017-13078

Wi-Fi Protected Access (WPA e WPA2) permette la reinstallazione del Gruppo Temporal Key (GTK) durante la quattro-way handshake, permettendo a un utente malintenzionato all’interno portata radio per riprodurre fotogrammi dai punti di accesso ai clienti.


http://www.securityfocus.com/bid/101274
http://www.kb.cert.org/vuls/id/228519
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
https://access.redhat.com/security/vulnerabilities/kracks
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-003
https://cert.vde.com/en-us/advisories/vde-2017-005
https://source.android.com/security/bulletin/2017-11-01
https://support.apple.com/HT208219
https://support.apple.com/HT208220
https://support.apple.com/HT208221
https://support.apple.com/HT208222
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
https://support.lenovo.com/us/en/product_security/LEN-17420
http://www.debian.org/security/2017/dsa-3999
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc
https://security.gentoo.org/glsa/201711-03
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://www.krackattacks.com/
https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
https://access.redhat.com/errata/RHSA-2017:2907
https://access.redhat.com/errata/RHSA-2017:2911
http://www.securitytracker.com/id/1039573
http://www.securitytracker.com/id/1039576
http://www.securitytracker.com/id/1039577
http://www.securitytracker.com/id/1039578
http://www.securitytracker.com/id/1039581
http://www.securitytracker.com/id/1039585
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html
http://www.ubuntu.com/usn/USN-3455-1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078


E' possibile lasciare un commento come utenti registrati al sito, accedendo tramite social, account wordpress oppure come utenti anonimi. Nel caso in cui si desideri lasciare un commento come utenti anonimi si verrà avvisati via email di un'eventuale risposta solo se si inserisce l'indirizzo email (facoltativo). L'inserimento di qualsiasi dato nei campi dei commenti è totalmente facoltativo. Chiunque decida di inserire un qualsiasi dato accetta il trattamento di questi ultimi per i fini inerenti al servizio ovvero la risposta al commento e le comunicazioni strettamente necessarie.


Rispondi