D-Link Forums

The Graveyard - Products No Longer Supported => Routers / COVR => DIR-865L => Topic started by: GreenBay42 on August 10, 2018, 10:12:08 AM

Title: DIR-865L KRACK Firmware v1.20B01 BETA Released
Post by: GreenBay42 on August 10, 2018, 10:12:08 AM
BETA firmware v1.20B01 has been released. This firmware is a security patch for the WPA2 Vulnerability (KRACK).

Firmware - ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_v1.20B01_BETA.zip (ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_v1.20B01_BETA.zip)



Release Notes:

Problems Resolved:
A WPA2 wireless protocol vulnerability was reported to CERT//CC and public disclosed as: VU#228519 - Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse.

The following CVE IDs have been assigned to VU#228519. These vulnerabilities in the WPA2 protocol:
• CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
• CVE-2017-13078: reinstallation of the group key in the Four-way handshake
• CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
• CVE-2017-13080: reinstallation of the group key in the Group Key handshake
• CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
• CVE-2017-13082: accepting a retransmitted Fast BSS Transition Re-association Request and reinstalling the pairwise key while processing it
• CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
• CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
• CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
• CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame