D-Link Range Extenders > DAP-1330

DAP-1330 KRACK Firmware v1.10B01 BETA Released

(1/1)

GreenBay42:
BETA firmware v1.10B01 has been released. This firmware is a security patch for the WPA2 Vulnerability (KRACK).

Firmware - ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DAP-1330/REVA/DAP-1330_REVA_FIRMWARE_PATCH_v1.10B01_BETA.zip


Release Notes:

Problems Resolved:
A WPA2 wireless protocol vulnerability was reported to CERT//CC and public disclosed as: VU#228519 - Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse.

The following CVE IDs have been assigned to VU#228519. These vulnerabilities in the WPA2 protocol:
• CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
• CVE-2017-13078: reinstallation of the group key in the Four-way handshake
• CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
• CVE-2017-13080: reinstallation of the group key in the Group Key handshake
• CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
• CVE-2017-13082: accepting a retransmitted Fast BSS Transition Re-association Request and reinstalling the pairwise key while processing it
• CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
• CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
• CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
• CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

Navigation

[0] Message Index