D-Link Forums
D-Link Wireless Access Points For Business => DAP-1665 => Topic started by: FurryNutz on May 31, 2018, 07:18:07 AM
-
Firmware: v1.16 B01 01/04/2018 WW Region!
Revision Info:
Not compatible with Rev B!
¤ Problems Resolved:
This release is to patch the WPA2 Key Re-installation Attack (KRACK) Security Vulnerabilities affecting this product.
A WPA2 wireless protocol vulnerability was reported to CERT//CC and public disclosed as: VU#228519 - Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse.
The following CVE IDs have been assigned to VU#228519. These vulnerabilities in the WPA2 protocol:
• CVE-2017-13077: re-installation of the pairwise key in the Four-way handshake
• CVE-2017-13078: re-installation of the group key in the Four-way handshake
• CVE-2017-13079: re-installation of the integrity group key in the Four-way handshake
• CVE-2017-13080: re-installation of the group key in the Group Key handshake
• CVE-2017-13081: re-installation of the integrity group key in the Group Key handshake
• CVE-2017-13082: accepting a re-transmitted Fast BSS Transition Re-association Request and reinstalling the pairwise key while processing it
• CVE-2017-13084: re-installation of the STK key in the PeerKey handshake
• CVE-2017-13086: re-installation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
• CVE-2017-13087: re-installation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
• CVE-2017-13088: re-installation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
Enhancements:
1. None.
Get it here:
DAP-1665 (http://support.dlink.com/productinfo.aspx?m=DAP-1665)
Select Rev A from the drop down menu.
Please follow this to update the FW: Link> >FW Update Process (http://forums.dlink.com/index.php?topic=42457.0)