[afnog] Breaking the WPA2 protocol
Loganaden Velvindron
logan at hackers.mu
Mon Oct 16 10:29:37 UTC 2017
On Mon, Oct 16, 2017 at 12:27 AM, Willy MANGA <mangawilly at gmail.com> wrote:
> Hi,
>
> do you still use WPA2 on wifi ? I hope not.
>
> http://www.blackhat.com/eu-17/briefings/schedule/#key-reinstallation-attacks-breaking-the-wpa2-protocol-8861
>
> Full disclosure tomorrow by Mathy Vanhoef
> https://twitter.com/vanhoefm/status/919517772123721728
>
Apparently, firmware updates are available for Ubiquiti and Aruba, as
vendors were notified. However, according to the security researcher,
those are design flaws .
Ubiquiti firmware update:
https://community.ubnt.com/t5/UniFi-Updates-Blog/UniFi-5-5-24-Stable-has-been-released/ba-p/2086518
There seems to be at least 2 fixes related to security:
[UAP] Various security and backend fixes and/or improvements.
[USW] Fix DoS issue reported via HackerOne program.
Latest ubiquiti firmware also ships with dnsmasq:
[SEC] Update dnsmasq to 2.78.
More information about the afnog
mailing list