SecurityTracker.com Archives - AirPort Extreme Base Station AFP Input Validation Flaw Lets Remote Users Deny Service

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker Alert ID: 1019678

SecurityTracker URL: http://securitytracker.com/id?1019678

CVE Reference: CVE-2008-1012 (Links to External Site)

Date: Mar 20 2008

Impact: Denial of service via network

Fix Available: Yes Vendor Confirmed: Yes

Advisory: Apple Security Advisory

Version(s): prior to 7.3.1

Description: A vulnerability was reported in AirPort Extreme Base Station. A remote user can cause denial of service conditions.

A remote user can send a specially crafted AFP request to cause file sharing to become unresponsive.

The Fast Ethernet and Gigabit Ethernet models are affected.

Time Capsule and AirPort Express are not affected.

Alex deVries reported this vulnerability.

Impact: A remote user can cause denial of service conditions.

Solution: The vendor has issued a firmware fix (7.3.1).

The vendor's advisory is available at:

http://support.apple.com/kb/HT1226

Vendor URL: support.apple.com/kb/HT1226 (Links to External Site)

Cause: Input validation error

Message History: None.

Date: Wed, 19 Mar 2008 19:19:09 -0500
Subject: About the security content of AirPort Extreme Base Station Firmware 7.3.1

 
 
http://support.apple.com/kb/HT1226
 
CVE-ID: CVE-2008-1012

Home | View Topics | Search | Contact Us | Help
Copyright 2007, SecurityGlobal.net LLC