D-Link Wireless Access Points For Business > DWL-8600AP

KRACK Firmware Patch - 4.3.0.2B10 BETA Released

(1/1)

GreenBay42:
A patch firmware has been released for the KRACK vulnerability.

Download Firmware --> ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DWL-8600/REVA/DWL-8600AP_REVA_FIRMWARE_PATCH_v4.3.0.2_B10.zip

Release Notes:

Problems Resolved:
A WPA2 wireless protocol vulnerability was reported to CERT//CC and public disclosed as: VU#228519 - Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse.

The following CVE IDs have been assigned to VU#228519. These vulnerabilities in the WPA2 protocol:
[*]CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
[*]CVE-2017-13078: reinstallation of the group key in the Four-way handshake
[*]CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
[*]CVE-2017-13080: reinstallation of the group key in the Group Key handshake
[*]CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
[*]CVE-2017-13082: accepting a retransmitted Fast BSS Transition Re-association Request and reinstalling the pairwise key while processing it
[*]CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
[*]CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
[*]CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
[*]CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
[/list]

Other Fixes:
[*]HTTP Redirection is not working (HQ20170522000008)
[*]DWL-3600/6600 + DWC-2000 - no dynamic VLAN allocation (DEUR20170109000005-Central Europe; HQ20170110000008)
[*]5GHz connection speed issue in managed mode (IMA20160721000004- India; HQ20160726000004)
[*]After Controller manages DWL-8600AP, httpd is still alive and user can access web UI (DI20160602000002-Japan; HQ20160603000001)
[*]Remove STBC function in web
[*]Malformed Email Notification that is being blocked ALG-enabled Firewall (DUSA20160412000001-USA; HQ20160414000005)
[*]Web UI reboot issue (DI20150611000003-Japan; HQ20150721000012)
[*]AP stop process radius request with DWS-3160 (DEUR20150917000002; HQ20151214000001)
[*]Wireless clients are getting disconnected very frequently (DI20151224000001-India; HQ20160108000001)
[*]Accommodate 32 characters for administrative password in WEB/CLI (DEUR20140905000005)
[*]New feature - bonjour across Vlan
[*]DNA doesn't display subversion (DDP).
[*]Confirm button of redirect html page (web)
[*]Standalone F/W upgrade through Web UI  didn't redirect to login page in upgrade timeout case (HQ20151210000013)
[/list]

Navigation

[0] Message Index

Go to full version