5.8 - DSA-3999

Executive Summary

Summary
Title	wpa security update

Informations
Name	DSA-3999	First vendor Publication	2017-10-16
Vendor	Debian	Last vendor Modification	2017-10-16
Severity (Vendor)	N/A	Revision	1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	5.8	Attack Range	Adjacent network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	6.5	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Mathy Vanhoef of the imec-DistriNet research group of KU Leuven discovered multiple vulnerabilities in the WPA protocol, used for authentication in wireless networks. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

More information can be found in the researchers's paper, Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2.

CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake CVE-2017-13078: reinstallation of the group key in the Four-way handshake CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake CVE-2017-13080: reinstallation of the group key in the Group Key handshake CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

For the oldstable distribution (jessie), these problems have been fixed in version 2.3-1+deb8u5.

For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

We recommend that you upgrade your wpa packages.

Original Source

Url : http://www.debian.org/security/2017/dsa-3999

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-330	Use of Insufficiently Random Values

CPE : Common Platform Enumeration

Type	Description	Count
Application	w1.Fi Hostapd cpe:2.3:a:w1.fi:hostapd:2.6:::::::* cpe:2.3:a:w1.fi:hostapd:2.5:::::::* cpe:2.3:a:w1.fi:hostapd:2.4:::::::* cpe:2.3:a:w1.fi:hostapd:2.3:::::::* cpe:2.3:a:w1.fi:hostapd:2.2:::::::* cpe:2.3:a:w1.fi:hostapd:2.1:::::::* cpe:2.3:a:w1.fi:hostapd:2.0:::::::* cpe:2.3:a:w1.fi:hostapd:1.1:::::::* cpe:2.3:a:w1.fi:hostapd:1.0:::::::* cpe:2.3:a:w1.fi:hostapd:0.7.3:::::::* cpe:2.3:a:w1.fi:hostapd:0.6.9:::::::* cpe:2.3:a:w1.fi:hostapd:0.6.8:::::::* cpe:2.3:a:w1.fi:hostapd:0.6.10:::::::* cpe:2.3:a:w1.fi:hostapd:0.5.9:::::::* cpe:2.3:a:w1.fi:hostapd:0.5.8:::::::* cpe:2.3:a:w1.fi:hostapd:0.5.7:::::::* cpe:2.3:a:w1.fi:hostapd:0.5.11:::::::* cpe:2.3:a:w1.fi:hostapd:0.5.10:::::::* cpe:2.3:a:w1.fi:hostapd:0.4.9:::::::* cpe:2.3:a:w1.fi:hostapd:0.4.8:::::::* cpe:2.3:a:w1.fi:hostapd:0.4.7:::::::* cpe:2.3:a:w1.fi:hostapd:0.4.11:::::::* cpe:2.3:a:w1.fi:hostapd:0.4.10:::::::* cpe:2.3:a:w1.fi:hostapd:0.3.9:::::::* cpe:2.3:a:w1.fi:hostapd:0.3.7:::::::* cpe:2.3:a:w1.fi:hostapd:0.3.11:::::::* cpe:2.3:a:w1.fi:hostapd:0.3.10:::::::* cpe:2.3:a:w1.fi:hostapd:0.2.8:::::::* cpe:2.3:a:w1.fi:hostapd:0.2.6:::::::* cpe:2.3:a:w1.fi:hostapd:0.2.5:::::::* cpe:2.3:a:w1.fi:hostapd:0.2.4:::::::*	31
Application	w1.Fi Wpa Supplicant cpe:2.3:a:w1.fi:wpa_supplicant:2.6:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:2.5:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:2.4:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:2.3:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:2.2:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:2.1:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:2.0:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:1.1:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:1.0:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:::::::* cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:::::::*	33
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts::: cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::	3
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:9.0:::::::* cpe:2.3:o:debian:debian_linux:8.0:::::::*	2
Os	Freebsd cpe:2.3:o:freebsd:freebsd:11.1:::::::* cpe:2.3:o:freebsd:freebsd:11:::::::* cpe:2.3:o:freebsd:freebsd:10.4:::::::* cpe:2.3:o:freebsd:freebsd:10:::::::* cpe:2.3:o:freebsd:freebsd::::::::	5
Os	Opensuse Leap cpe:2.3:o:opensuse:leap:42.3:::::::* cpe:2.3:o:opensuse:leap:42.2:::::::*	2
Os	Redhat Enterprise Linux Desktop cpe:2.3:o:redhat:enterprise_linux_desktop:7:::::::*	1
Os	Redhat Enterprise Linux Server cpe:2.3:o:redhat:enterprise_linux_server:7:::::::*	1
Os	Suse Linux Enterprise Desktop cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:::::: cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3::::::	2
Os	Suse Linux Enterprise Point Of Sale cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3::::::	1
Os	Suse Linux Enterprise Server cpe:2.3:o:suse:linux_enterprise_server:12::::ltss::: cpe:2.3:o:suse:linux_enterprise_server:11:sp4:::::: cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::ltss::*	3
Os	Suse Openstack Cloud cpe:2.3:o:suse:openstack_cloud:6:::::::*	1

Snort® IPS/IDS

Date	Description
2017-11-28	WPA2 key reuse tool attempt RuleID : 44640 - Revision : 2 - Type : POLICY-OTHER

Nessus® Vulnerability Scanner

Date	Description
2018-11-27	Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZLSA-2017-2911.nasl - Type : ACT_GATHER_INFO
2018-11-13	Name : The remote Debian host is missing a security update. File : debian_DLA-1573.nasl - Type : ACT_GATHER_INFO
2018-01-15	Name : The remote Fedora host is missing a security update. File : fedora_2017-fc21e3856b.nasl - Type : ACT_GATHER_INFO
2018-01-15	Name : The remote Fedora host is missing a security update. File : fedora_2017-f45e844a85.nasl - Type : ACT_GATHER_INFO
2018-01-08	Name : The device is vulnerable to key reinstallation attacks (KRACK). File : juniper_jsa10827_krack.nasl - Type : ACT_GATHER_INFO
2017-12-14	Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-1317.nasl - Type : ACT_GATHER_INFO
2017-12-12	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3265-1.nasl - Type : ACT_GATHER_INFO
2017-12-11	Name : The remote Debian host is missing a security update. File : debian_DLA-1200.nasl - Type : ACT_GATHER_INFO
2017-12-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-3505-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3147-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3145-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3146-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3148-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3149-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3150-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3151-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3153-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3154-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3157-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3158-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3160-1.nasl - Type : ACT_GATHER_INFO
2017-12-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3152-1.nasl - Type : ACT_GATHER_INFO
2017-11-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3124-1.nasl - Type : ACT_GATHER_INFO
2017-11-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3117-1.nasl - Type : ACT_GATHER_INFO
2017-11-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3118-1.nasl - Type : ACT_GATHER_INFO
2017-11-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3119-1.nasl - Type : ACT_GATHER_INFO
2017-11-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3123-1.nasl - Type : ACT_GATHER_INFO
2017-11-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3125-1.nasl - Type : ACT_GATHER_INFO
2017-11-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3127-1.nasl - Type : ACT_GATHER_INFO
2017-11-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3130-1.nasl - Type : ACT_GATHER_INFO
2017-11-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3131-1.nasl - Type : ACT_GATHER_INFO
2017-11-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3132-1.nasl - Type : ACT_GATHER_INFO
2017-11-28	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-3103-1.nasl - Type : ACT_GATHER_INFO
2017-11-16	Name : The remote Fedora host is missing a security update. File : fedora_2017-cfb950d8f4.nasl - Type : ACT_GATHER_INFO
2017-11-16	Name : The remote Fedora host is missing a security update. File : fedora_2017-45044b6b33.nasl - Type : ACT_GATHER_INFO
2017-11-16	Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZLSA-2017-2907.nasl - Type : ACT_GATHER_INFO
2017-11-16	Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1242.nasl - Type : ACT_GATHER_INFO
2017-11-16	Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1241.nasl - Type : ACT_GATHER_INFO
2017-11-13	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201711-03.nasl - Type : ACT_GATHER_INFO
2017-11-03	Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_oct_4042895.nasl - Type : ACT_GATHER_INFO
2017-11-03	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2920-1.nasl - Type : ACT_GATHER_INFO
2017-11-03	Name : The remote host is missing a macOS or Mac OS X security update that fixes mul... File : macosx_SecUpd2017-004.nasl - Type : ACT_GATHER_INFO
2017-11-03	Name : The remote host is missing a macOS update that fixes multiple security vulner... File : macos_10_13_1.nasl - Type : ACT_GATHER_INFO
2017-11-03	Name : The remote Apple TV device is affected by multiple vulnerabilities. File : appletv_11_1.nasl - Type : ACT_GATHER_INFO
2017-11-01	Name : The remote Debian host is missing a security update. File : debian_DLA-1150.nasl - Type : ACT_GATHER_INFO
2017-10-31	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2908-1.nasl - Type : ACT_GATHER_INFO
2017-10-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2869-1.nasl - Type : ACT_GATHER_INFO
2017-10-30	Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-1224.nasl - Type : ACT_GATHER_INFO
2017-10-30	Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-1201.nasl - Type : ACT_GATHER_INFO
2017-10-26	Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-1194.nasl - Type : ACT_GATHER_INFO
2017-10-26	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2847-1.nasl - Type : ACT_GATHER_INFO
2017-10-23	Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-1163.nasl - Type : ACT_GATHER_INFO
2017-10-19	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20171018_wpa_supplicant_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2017-10-19	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20171018_wpa_supplicant_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2017-10-19	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2911.nasl - Type : ACT_GATHER_INFO
2017-10-19	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2017-2911.nasl - Type : ACT_GATHER_INFO
2017-10-19	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2017-2911.nasl - Type : ACT_GATHER_INFO
2017-10-19	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2017-291-02.nasl - Type : ACT_GATHER_INFO
2017-10-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2907.nasl - Type : ACT_GATHER_INFO
2017-10-18	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2017-2907.nasl - Type : ACT_GATHER_INFO
2017-10-18	Name : The remote Fedora host is missing a security update. File : fedora_2017-12e76e8364.nasl - Type : ACT_GATHER_INFO
2017-10-18	Name : The remote Fedora host is missing a security update. File : fedora_2017-60bfb576b7.nasl - Type : ACT_GATHER_INFO
2017-10-18	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2017-2907.nasl - Type : ACT_GATHER_INFO
2017-10-18	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2745-1.nasl - Type : ACT_GATHER_INFO
2017-10-18	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2752-1.nasl - Type : ACT_GATHER_INFO
2017-10-17	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3455-1.nasl - Type : ACT_GATHER_INFO
2017-10-17	Name : The remote networking device is affected by KRACK. File : ubnt_unifi_krack.nasl - Type : ACT_GATHER_INFO
2017-10-17	Name : A wireless network adapter driver on the remote host is affected by multiple ... File : intel_sa_00101_wlan.nasl - Type : ACT_GATHER_INFO
2017-10-17	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d670a953b2a111e7a633009c02a2ab30.nasl - Type : ACT_GATHER_INFO
2017-10-17	Name : The remote host is affected by multiple vulnerabilities. File : fortios_FG-IR-17-196.nasl - Type : ACT_GATHER_INFO
2017-10-17	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3999.nasl - Type : ACT_GATHER_INFO
2017-10-16	Name : The remote networking device is affected by a heap corruption vulnerability. File : mikrotik_KRACK.nasl - Type : ACT_GATHER_INFO
2017-10-16	Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20171016-wpa-asa_with_firepower_services.nasl - Type : ACT_GATHER_INFO
2017-10-16	Name : The version of ArubaOS is affected by a MitM vulnerability. File : arubaos_krack.nasl - Type : ACT_GATHER_INFO
2017-10-12	Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_oct_win2008.nasl - Type : ACT_GATHER_INFO
2017-10-10	Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_oct_4041681.nasl - Type : ACT_GATHER_INFO
2017-10-10	Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_oct_4041689.nasl - Type : ACT_GATHER_INFO
2017-10-10	Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_oct_4041690.nasl - Type : ACT_GATHER_INFO
2017-10-10	Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_oct_4041691.nasl - Type : ACT_GATHER_INFO
2017-10-10	Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_oct_4041693.nasl - Type : ACT_GATHER_INFO
2017-10-10	Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_oct_4041676.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2017-11-01 17:22:39	Multiple Updates
2017-10-23 09:25:17	Multiple Updates
2017-10-18 13:24:52	Multiple Updates
2017-10-16 13:22:37	First insertion

Global Informations

Type	Count
CWE ID(s)	9
CPE ID(s)	85
Snort® Rule(s)	1
Nessus® Exploit(s)	81

	Related
8.1	CVE-2017-13082
6.8	CVE-2017-13086
6.8	CVE-2017-13077
5.3	CVE-2017-13088
5.3	CVE-2017-13087
5.3	CVE-2017-13081
5.3	CVE-2017-13080
5.3	CVE-2017-13079
5.3	CVE-2017-13078
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 9 more Alert(s)

5.8 - DSA-3999

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU