WPA 信息泄露漏洞

漏洞信息详情

WPA 信息泄露漏洞

CNNVD编号：CNNVD-201904-567
危害等级：中危-->
危害等级：中危
CVE编号： CVE-2019-9494
漏洞类型：信息泄露
发布时间： 2019-04-10
威胁类型：远程
更新时间： 2021-11-04
厂商：
漏洞来源： Mathy Vanhoef (New...

漏洞简介

WPA是美国Wi-Fi联盟（Wi-Fi Alliance）的一套Wi-Fi访问保护方案，包括安全协议和安全认证程序。

WPA3中存在信息泄露漏洞，该漏洞源于网络系统或产品在运行过程中存在配置等错误。未授权的攻击者可利用漏洞获取受影响组件敏感信息。

漏洞公告

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

https://w1.fi/security/2019-1/sae-side-channel-attacks.txt

参考网址

来源:BUGTRAQ

链接:https://seclists.org/bugtraq/2019/May/40

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/

来源:MISC

链接:https://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html

来源:CONFIRM

链接:https://w1.fi/security/2019-1/

来源:MISC

链接:http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html

来源:FREEBSD

链接:https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/

来源:CONFIRM

链接:https://www.synology.com/security/advisory/Synology_SA_19_16

来源:www.wi-fi.org

链接:https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update-april-2019

来源:www.wi-fi.org

链接:http://www.wi-fi.org/index.php

来源:github.com

链接:https://github.com/vanhoefm/dragonslayer

来源:github.com

链接:https://github.com/vanhoefm/dragonforce

来源:papers.mathyvanhoef.com

链接:https://papers.mathyvanhoef.com/dragonblood.pdf

来源:wpa3.mathyvanhoef.com

链接:https://wpa3.mathyvanhoef.com/

来源:seclists.org

链接:https://seclists.org/oss-sec/2019/q2/16

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html

来源:security.freebsd.org

链接:https://security.freebsd.org/advisories/FreeBSD-SA-19:03.wpa.asc

来源:www.debian.org

链接:http://www.debian.org/security/2019/dsa-4430

来源:fortiguard.com

链接:https://fortiguard.com/psirt/FG-IR-19-107

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.0047/

来源:www.securityfocus.com

链接:https://www.securityfocus.com/bid/107864

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2019-9494

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4125/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/81182

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/78946

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.1775/

受影响实体

暂无

补丁

WPA 安全漏洞的修复措施

正文

WPA 信息泄露漏洞

漏洞信息详情