On last.fm: Free iPhone/iTouch Streaming Radio App
BNET Business Network:
BNET
TechRepublic
ZDNet

April 9th, 2007

Apple swats Airport Base Station security bugs

Posted by Ryan Naraine @ 3:32 pm

Categories: Apple, Browsers, Data theft, Exploit code, Hackers, Metasploit, Microsoft, Patch Watch, Pen testing, Wi-Fi security, Wireless

Tags: Apple Computer Inc., Security, IEEE 802.11n, Security Bug, Ryan Naraine

Apple has rolled out a firmware update to fix a pair of security vulnerabilities in the Airport Extreme Base Station.

The most serious of the two — a weakness in the way the default configuration of Airport Extreme handles IPv6 connections — could allow remote hackers to bypass certain access restrictions.

“This may expose network services on hosts connected through an AirPort Extreme Base Station with 802.11n to remote attackers,” Apple said in an advisory.

The second vulnerability, in the Airport Disk feature, could allow users on the local network to view filenames (but not their contents) on a password-protected disk without providing a password. AirPort Disk allows the sharing of files from a USB hard drive connected to a compatible base station. only affects AirPort Extreme Base Station with 802.11n*, and not other versions of the Base Station.

The two issues only apply to AirPort Extreme Base Station with 802.11n. Other versions of the Base Station are not affected.

These are the 63rd and 64th vulnerabilities fixed by Apple in 2007.

Ryan NaraineRyan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 12 Talkback(s)
I got a brain and bought a Mac - shame 'bout you
Sure glad I don't buy from Apple!!
These are the 63rd and 64th vulnerabilities fixed by Apple in 2007.

Pathetic that they would release their products with so many vulnerabilities in... (Read the rest)
Posted by: timpin1@... Posted on: 04/11/07 You are currently: a Guest | | Terms of Use
Sure glad I don't buy from Apple!!  NonZealot | 04/10/07
Off you go!  Kid Icarus-21097050858087920245213802267493 | 04/10/07
Severe zealot...  rx7racer | 04/10/07
You're kidding right?  MacGeek2121 | 04/10/07
801.n still DRAFT  PPCG4Mac | 04/10/07
Pleeease.. vista fixed 1 million b4 sold even 1  jpl4 | 04/10/07
Apple Users  rkuhn040172@... | 04/10/07
yup.. but by being cheap you spend 3 times more later!!  jpl4 | 04/10/07
Go get a brain. By the time I configured a Dell  labarker | 04/10/07
When my Toshiba was stolen,  eshinee@... | 04/11/07
Security fixes are GOOD! Not fixing is BAD!  MacGeek2121 | 04/10/07
I got a brain and bought a Mac - shame 'bout you  timpin1@... | 04/11/07

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics Click Here

advertisement

Recent Entries

advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Click Here