Extreme Networks

Johannes_Dennin · ‎10-16-2017

Hello everyone,
I have some questions due to the expected disclosure today on the attack possible on WPA2 SSIDs.

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.

Link: https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-tra...

- Is Extreme aware of this?
- Are Fixes ready to be released?
- Is a software fix sufficient or does hardware need to be replaced?

Thanks and best regards,

Johannes

Drew_C · ‎10-25-2017

I changed it to hotfix since its essentially v10.41.01.80 (GA) + Hotfixes for KRACK. If we incremented the other numbers in the version, some might assume it includes new features.

Ronald_Dvorak · ‎10-25-2017

Never seen that sentence before but I hope it's a synonym for ... it includes the fix for my open ticket 

Drew_C · ‎10-25-2017

I'll find out... I wondered the same when I was asked to post it 🙂

Ronald_Dvorak · ‎10-25-2017

10.41.01.81 – Up-issue (AP3700, AP3800, AP3900) (Target: October 27, 2017)

What does "up-issue" mean ?

Kyle_Stanford · ‎10-24-2017

All,

As a note, the AP7532 image was not included in the RFS6000 5.8.6.7 image. If you want the controller to auto upgrade the APs, also grab the 7532 image and use the 'device-upgrade load-image ap7532 ftp://X.X.X.X command to get it integrated into your RFS.

Extreme Networks

KRACK attack on WPA2

KRACK attack on WPA2