AVG-451 log
Package | hostapd |
Status | Not affected |
Severity | High |
Type | man-in-the-middle |
Affected | 2.6-5 |
Fixed | Not affected |
Current | 2.11-4 [extra] |
Ticket | None |
Created | Mon Oct 16 17:56:47 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-13084 | High | Yes | Man-in-the-middle | A vulnerability has been discovered that allows reinstallation of the short term key (STK) in the PeerKey handshake. |
Notes |
---|
PeerKey implementation in wpa_supplicant is not fully functional and the actual installation of the key into the driver does not work. As such, this item is not applicable in practice. Furthermore, the PeerKey handshake for IEEE 802.11e DLS is obsolete and not known to have been deployed. |