home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   alt.internet.wireless      Fun with wireless Internet access      55,960 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 54,357 of 55,960   
   harry newton to He who is harry newton   
   Re: Severe flaw in WPA2 protocol leaves    
   16 Oct 17 22:20:34   
   
   XPost: alt.home.repair, microsoft.public.windowsxp.general   
   From: harry@is.invalid   
      
   He who is harry newton said on Mon, 16 Oct 2017 06:33:13 +0000 (UTC):   
      
   > It works by exploiting a four-way handshake that's used to establish a key   
   > for encrypting traffic.   
      
   Here is ubiquiti's response to the AirMax products that I often use on my   
   rooftop and as my many access points in my house and barn and pool and   
   corral and driveway gate cameras, etc., and that all my neighbors use for   
   our WISP radios.   
      
   "Yes, this is a very big problem for WPA2 clients that won't get any more   
   updates. But let's keep this thread focused on airMAX products.   
      
   First of all, you are mostly covered if you are running v8.4.0 (AC series)   
   or v6.0.7 (M series). We will fully resolve the issue with v8.4.2/v6.1.2   
   (betas aimed for the end of this week). Furthermore, our proprietary airMAX   
   protocol makes simple attacks more difficult to carry out.   
      
   Will be fully fixed with v8.4.2/v6.1.2:   
   CVE-2017-13077: reinstallation of the pairwise key in the Four-way   
   handshake   
   CVE-2017-13078: reinstallation of the group key in the Four-way handshake   
   CVE-2017-13079: reinstallation of the integrity group key in the Four-way   
   handshake   
   CVE-2017-13080: reinstallation of the group key in the Group Key handshake   
   CVE-2017-13081: reinstallation of the integrity group key in the Group Key   
   handshake   
   Unaffected:   
   CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation   
   Request and reinstalling the pairwise key while processing it   
   CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake   
   CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)   
   PeerKey (TPK) key in the TDLS handshake   
   CVE-2017-13087: reinstallation of the group key (GTK) when processing a   
   Wireless Network Management (WNM) Sleep Mode Response frame   
   CVE-2017-13088: reinstallation of the integrity group key (IGTK) when   
   processing a Wireless Network Management (WNM) Sleep Mode Response frame"   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca