TITLE:
Apple Airport Extreme / Time Capsule Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA34105
VERIFY ADVISORY:
http://secunia.com/advisories/34105/
DESCRIPTION:
Some vulnerabilities have been reported in Apple Airport Extreme and
Time Capsule, which can be exploited by malicious people to conduct
spoofing attacks, disclose potentially sensitive information, or to
cause a DoS (Denial of Service).
1) An error exists in the implementation of the Neighbor Discovery
protocol when processing Neighbor Discovery messages.
For more information:
SA32112
2) An unspecified error exists in the handling of PPPoE discovery
packets. which can be exploited to cause an out-of-bounds memory
access error by sending a specially crafted PPPoE discovery packet.
3) An error exists in the handling of incoming ICMPv6 "Packet Too
Big" messages, which can be exploited to shutdown the device.
This is related to:
SA31745
SOLUTION:
Update to firmware version 7.4.1.
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.
ORIGINAL ADVISORY:
HT3467:
http://support.apple.com/kb/HT3467
'Hacking' 카테고리의 다른 글
| Socket Capable Browser Plugins Result In Transparent Proxy Abuse (0) | 2009.03.10 |
|---|---|
| Staring Into The Abyss, A Bit Before Cansec (0) | 2009.03.10 |
| DLL injection Wiki (0) | 2009.03.04 |
| DLL Injection (0) | 2009.03.04 |
| MS IE Internet Explorer Two Code Execution Vulnerabilities (0) | 2009.02.11 |
