English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.891573
Category:Debian Local Security Checks
Title:Debian LTS Advisory ([SECURITY] [DLA 1573-1] firmware-nonfree security update)
Summary:Several vulnerabilities have been discovered in the firmware for;Broadcom BCM43xx wifi chips that may lead to a privilege escalation;or loss of confidentiality.;;CVE-2016-0801;;Broadgate Team discovered flaws in packet processing in the;Broadcom wifi firmware and proprietary drivers that could lead to;remote code execution. However, this vulnerability is not;believed to affect the drivers used in Debian.;;CVE-2017-0561;;Gal Beniamini of Project Zero discovered a flaw in the TDLS;implementation in Broadcom wifi firmware. This could be exploited;by an attacker on the same WPA2 network to execute code on the;wifi microcontroller.;;CVE-2017-9417 / #869639;;Nitay Artenstein of Exodus Intelligence discovered a flaw in the;WMM implementation in Broadcom wifi firmware. This could be;exploited by a nearby attacker to execute code on the wifi;microcontroller.;;CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080,;CVE-2017-13081;;Mathy Vanhoef of the imec-DistriNet research group of KU Leuven;discovered multiple vulnerabilities in the WPA protocol used for;authentication in wireless networks, dubbed 'KRACK'.;;An attacker exploiting the vulnerabilities could force the;vulnerable system to reuse cryptographic session keys, enabling a;range of cryptographic attacks against the ciphers used in WPA1;and WPA2.;;These vulnerabilities are only being fixed for certain Broadcom;wifi chips, and might still be present in firmware for other wifi;hardware.
Description:Summary:
Several vulnerabilities have been discovered in the firmware for
Broadcom BCM43xx wifi chips that may lead to a privilege escalation
or loss of confidentiality.

CVE-2016-0801

Broadgate Team discovered flaws in packet processing in the
Broadcom wifi firmware and proprietary drivers that could lead to
remote code execution. However, this vulnerability is not
believed to affect the drivers used in Debian.

CVE-2017-0561

Gal Beniamini of Project Zero discovered a flaw in the TDLS
implementation in Broadcom wifi firmware. This could be exploited
by an attacker on the same WPA2 network to execute code on the
wifi microcontroller.

CVE-2017-9417 / #869639

Nitay Artenstein of Exodus Intelligence discovered a flaw in the
WMM implementation in Broadcom wifi firmware. This could be
exploited by a nearby attacker to execute code on the wifi
microcontroller.

CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080,
CVE-2017-13081

Mathy Vanhoef of the imec-DistriNet research group of KU Leuven
discovered multiple vulnerabilities in the WPA protocol used for
authentication in wireless networks, dubbed 'KRACK'.

An attacker exploiting the vulnerabilities could force the
vulnerable system to reuse cryptographic session keys, enabling a
range of cryptographic attacks against the ciphers used in WPA1
and WPA2.

These vulnerabilities are only being fixed for certain Broadcom
wifi chips, and might still be present in firmware for other wifi
hardware.

Affected Software/OS:
firmware-nonfree on Debian Linux

Solution:
For Debian 8 'Jessie', these problems have been fixed in version
20161130-4~
deb8u1. This version also adds new firmware and packages
for use with Linux 4.9, and re-adds firmware-{adi,ralink} as
transitional packages.

We recommend that you upgrade your firmware-nonfree packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-0801
https://www.exploit-db.com/exploits/39801/
https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
http://www.securitytracker.com/id/1035353
Common Vulnerability Exposure (CVE) ID: CVE-2017-0561
https://www.exploit-db.com/exploits/41805/
https://www.exploit-db.com/exploits/41806/
BugTraq ID: 97367
http://www.securityfocus.com/bid/97367
http://www.securitytracker.com/id/1038201
Common Vulnerability Exposure (CVE) ID: CVE-2017-9417
https://www.blackhat.com/us-17/briefings.html#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets
BugTraq ID: 99482
http://www.securityfocus.com/bid/99482
http://www.securitytracker.com/id/1038950
http://www.securitytracker.com/id/1039330
CopyrightCopyright (c) 2018 Greenbone Networks GmbH http://greenbone.net

This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.