Wireless Access

Reply
Regular Contributor I

Re: WPA2 Vulnerability Discussion

What is OKC?  

 

The FAQ link above mentions that if 802.11r Fast BS is not in use on the controllers your are not vulnerable with the exception of controllers using the "Mesh" feature of the Aruba OS. 

I validated all our controllers with the "show wlan dot11r-profile" command and saw all our reference counts are zero.  So with the exception of our mesh controllers we should not be affected correct?

 

Contributor I

Re: WPA2 Vulnerability Discussion

I can't seem to find 6.4.4.16 on the download site..

Is anybody aware of when the patch releases will actually be made available for download?


Screen Shot 2017-10-16 at 7.36.11 AM.png

Regular Contributor II

Re: WPA2 Vulnerability Discussion

We have some AP-125s they are running 6.4.2.x code. Can they run the 6.4.4.16 the patch for this vulnerability. Everything I read says it can run 6.4 code. It does not say 6.4.2.x, 6.4.3.x or 6.4.4.x.

Frequent Contributor II

Re: WPA2 Vulnerability Discussion

The tree is too long to capture, but look here

6.4.4.16.PNG

 


Bruce Osborne - Wireless Engineer
ACCP, ACMP
New Contributor

Re: WPA2 Vulnerability Discussion

Seeing the same. 6.4.4.16 is not availlable to download yet looks like?

Frequent Contributor II

Re: WPA2 Vulnerability Discussion


jcameron wrote:

We have some AP-125s they are running 6.4.2.x code. Can they run the 6.4.4.16 the patch for this vulnerability. Everything I read says it can run 6.4 code. It does not say 6.4.2.x, 6.4.3.x or 6.4.4.x.


We have been running 6.4.4.x code on AP-125 for quite a while. 6.4.4.16 also has a fix we have been testing for a while.

 

The software was available for customers last week.


Bruce Osborne - Wireless Engineer
ACCP, ACMP
Contributor I

Re: WPA2 Vulnerability Discussion

They put it under "conservative releases" for some reason.

 

 

Screen Shot 2017-10-16 at 7.44.17 AM.png

Frequent Contributor II

Re: WPA2 Vulnerability Discussion


islander91 wrote:

Seeing the same. 6.4.4.16 is not availlable to download yet looks like?


Sign in and look under "Conservative Releases". If you cannot sign in, look under "Lifetime Warranty Software" for the publicly released files.


Bruce Osborne - Wireless Engineer
ACCP, ACMP
Contributor II

Re: WPA2 Vulnerability Discussion

So to make a recap.

 

   If you are not using 802.11r and have Mesh disabled you are not vulnerable to the attack. Its that true?

 

Regards

Contributor I

Re: WPA2 Vulnerability Discussion

Hum.

I have a 3200 controller.

It's not clear to me which one of these images I should be trying to install on my controller.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: