WVE Recent Entries

WVE Recent Entries http://www.wirelessve.org/ 10 most recent WVE entries en editors@wirelessve.org webmaster@wirelessve.org Fri, 21 Nov 2008 11:46:26 GMT Tue, 18 Nov 2008 16:50:50 GMT http://blogs.law.harvard.edu/tech/rss WVE-2008-0013: TKIP Replay and Plaintext Discovery http://www.wirelessve.org/entries/show/WVE-2008-0013 TKIP is vulnerable to replay (via WMM/QoS) and plaintext discovery (via ChopChop). This affects all WPA-TKIP usage. Tue, 18 Nov 2008 16:50:50 GMT http://www.wirelessve.org/entries/show/WVE-2008-0013 http://www.wirelessve.org/entries/rss WVE-2008-0012: Active Https Cookie Hijacking http://www.wirelessve.org/entries/show/WVE-2008-0012 It is possible to actively capture cookies and use them to impersonate HTTPS sessions on vulnerable websites. Tue, 18 Nov 2008 16:50:14 GMT http://www.wirelessve.org/entries/show/WVE-2008-0012 http://www.wirelessve.org/entries/rss WVE-2008-0011: Auto Immune Attack http://www.wirelessve.org/entries/show/WVE-2008-0011 A condition can be triggered on certain access points to transmit de-authentication and disassociation frames to all clients. Wed, 17 Sep 2008 20:13:27 GMT http://www.wirelessve.org/entries/show/WVE-2008-0011 http://www.wirelessve.org/entries/rss WVE-2008-0010: Marvell Null SSID Association Request http://www.wirelessve.org/entries/show/WVE-2008-0010 Some versions of the Marvell drivers used in access points such as the Netgear WN802T do not correctly parse the SSID information element tag contained in association request frames. Wed, 17 Sep 2008 19:29:24 GMT http://www.wirelessve.org/entries/show/WVE-2008-0010 http://www.wirelessve.org/entries/rss WVE-2008-0009: Marvell EAPOL-Key Length Overflow http://www.wirelessve.org/entries/show/WVE-2008-0009 Some versions of the Marvell wireless driver used in access points such as the Netgear WN802T do not correctly validate the EAPOL key fields. Wed, 17 Sep 2008 19:28:16 GMT http://www.wirelessve.org/entries/show/WVE-2008-0009 http://www.wirelessve.org/entries/rss WVE-2008-0008: Atheros IE Tag Overflow http://www.wirelessve.org/entries/show/WVE-2008-0008 Some Atheros drivers used in access points such as the Linksys WRT350N do not correctly parse the Atheros vendor-specific IE tags. Wed, 17 Sep 2008 19:27:41 GMT http://www.wirelessve.org/entries/show/WVE-2008-0008 http://www.wirelessve.org/entries/rss WVE-2008-0007: Weaknesses in the A5/1 Cipher http://www.wirelessve.org/entries/show/WVE-2008-0007 The A5/1 cipher is vulnerable to an offline key-state attack that allows an attacker to decrypt encrypted information without key knowledge. A5/1 is leveraged by cellular GSM networks to protect voice conversations and SMS messages. Thu, 10 Apr 2008 02:15:03 GMT http://www.wirelessve.org/entries/show/WVE-2008-0007 http://www.wirelessve.org/entries/rss WVE-2008-0006: Block ACK DoS http://www.wirelessve.org/entries/show/WVE-2008-0006 Block acknowledgment window manipulation allows an attacker to mount a DoS attack against 802.11n clients. Thu, 10 Apr 2008 02:14:42 GMT http://www.wirelessve.org/entries/show/WVE-2008-0006 http://www.wirelessve.org/entries/rss WVE-2008-0005: GF Mode WIDS Rogue AP Evasion http://www.wirelessve.org/entries/show/WVE-2008-0005 An optional technology in the 802.11n specification known as Greenfield Mode allows rogue AP devices to evade wireless intrusion detection systems based on pre-802.11n technology. Thu, 10 Apr 2008 02:14:28 GMT http://www.wirelessve.org/entries/show/WVE-2008-0005 http://www.wirelessve.org/entries/rss WVE-2008-0004: HT Intolerant Degradation of Service http://www.wirelessve.org/entries/show/WVE-2008-0004 In Draft 2.0 IEEE 802.11n 2.4 GHz networks, an unauthenticated client can degrade network performance by forcing all devices to revert from 40 MHz to 20 MHz mode. Wed, 09 Apr 2008 22:30:51 GMT http://www.wirelessve.org/entries/show/WVE-2008-0004 http://www.wirelessve.org/entries/rss