Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2017.0379
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2017-0379)
Zusammenfassung:	The remote host is missing an update for the 'hostapd, wpa_supplicant' package(s) announced via the MGASA-2017-0379 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'hostapd, wpa_supplicant' package(s) announced via the MGASA-2017-0379 advisory. Vulnerability Insight: Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088) Affected Software/OS: 'hostapd, wpa_supplicant' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-13077 BugTraq ID: 101274 http://www.securityfocus.com/bid/101274 CERT/CC vulnerability note: VU#228519 http://www.kb.cert.org/vuls/id/228519 Cisco Security Advisory: 20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa Debian Security Information: DSA-3999 (Google Search) http://www.debian.org/security/2017/dsa-3999 FreeBSD Security Advisory: FreeBSD-SA-17:07 https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc https://security.gentoo.org/glsa/201711-03 https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://www.krackattacks.com/ https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html RedHat Security Advisories: RHSA-2017:2907 https://access.redhat.com/errata/RHSA-2017:2907 RedHat Security Advisories: RHSA-2017:2911 https://access.redhat.com/errata/RHSA-2017:2911 http://www.securitytracker.com/id/1039573 http://www.securitytracker.com/id/1039576 http://www.securitytracker.com/id/1039577 http://www.securitytracker.com/id/1039578 http://www.securitytracker.com/id/1039581 http://www.securitytracker.com/id/1039585 http://www.securitytracker.com/id/1041432 http://www.ubuntu.com/usn/USN-3455-1 Common Vulnerability Exposure (CVE) ID: CVE-2017-13078 SuSE Security Announcement: SUSE-SU-2017:2745 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html SuSE Security Announcement: SUSE-SU-2017:2752 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html SuSE Security Announcement: openSUSE-SU-2017:2755 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html Common Vulnerability Exposure (CVE) ID: CVE-2017-13079 Common Vulnerability Exposure (CVE) ID: CVE-2017-13080 https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html http://www.securitytracker.com/id/1039572 http://www.securitytracker.com/id/1039703 Common Vulnerability Exposure (CVE) ID: CVE-2017-13081 Common Vulnerability Exposure (CVE) ID: CVE-2017-13082 https://github.com/vanhoefm/krackattacks-test-ap-ft https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02 http://www.securitytracker.com/id/1039570 http://www.securitytracker.com/id/1039571 SuSE Security Announcement: openSUSE-SU-2020:0222 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html Common Vulnerability Exposure (CVE) ID: CVE-2017-13086 Common Vulnerability Exposure (CVE) ID: CVE-2017-13087 Common Vulnerability Exposure (CVE) ID: CVE-2017-13088
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.