CVE-2007-0734
https://notcve.org/view.php?id=CVE-2007-0734
fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption. fsck, tal y como es usada por la funcionalidad AirPort Disk de la AirPort Extreme Base Station con 802.11n anteriores a Firmware Update 7.1, y por Apple Mac OS X versiones 10.3.9 hasta 10.4.9, no aplica correctamente la protección de contraseña de un disco duro USB, lo que permite a atacantes dependiendo del contexto enumerar directorios arbitrarios o ejecutar código arbitrario, como resultado de una corrupción de memoria. • http://docs.info.apple.com/article.html?artnum=305366 http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://lists.apple.com/archives/security-announce/2007/Apr/msg00000.html http://secunia.com/advisories/24830 http://secunia.com/advisories/24966 http://www.securityfocus.com/bid/23396 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017889 http://www.securitytracker.com/id?101794 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-1338
https://notcve.org/view.php?id=CVE-2007-1338
The default configuration of the AirPort utility in Apple AirPort Extreme creates an IPv6 tunnel but does not enable the "Block incoming IPv6 connections" setting, which might allow remote attackers to bypass intended access restrictions by establishing IPv6 sessions that would have been rejected over IPv4. La configuración por defecto de la utilidad AirPort en Apple AirPort Extreme crea un túnel IPv6 pero no habilita la propiedad "Bloquear conexiones entrantes IPv6", lo cual podría permitir a atacantes remotos evitar restricciones de acceso intencionadas estableciendo sesiones IPv6 que serían rechazadas en IPv4. • http://arstechnica.com/journals/apple.ars/2007/2/14/7063 http://docs.info.apple.com/article.html?artnum=305366 http://lists.apple.com/archives/security-announce/2007/Apr/msg00000.html http://osvdb.org/34843 http://secunia.com/advisories/24830 http://www.securitytracker.com/id?1017889 http://www.vupen.com/english/advisories/2007/1308 https://exchange.xforce.ibmcloud.com/vulnerabilities/33526 •
CVE-2006-6292
https://notcve.org/view.php?id=CVE-2006-6292
Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service (out-of-bounds memory access and kernel panic) and have possibly other security-related impact via certain beacon frames. Apple Airport Extreme firmware 0.1.27 en Mac OS X 10.4.8 permite a atacantes remotos provocar una denegación de servicio (acceso a memoria fuera de rango, y fallo irrecuperable del sistema o kernel panic) y también otros posibles impactos relacionados con la seguridad mediante ciertos marcos (beacon frames). • http://docs.info.apple.com/article.html?artnum=305031 http://lists.apple.com/archives/Security-announce/2007/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2007/Jan/msg00001.html http://projects.info-pull.com/mokb/MOKB-30-11-2006.html http://secunia.com/advisories/23159 http://securitytracker.com/id?1017328 http://www.apple.com/support/downloads/airportextremeupdate2007001.html http://www.kb.cert.org/vuls/id/583552 http://www.securityfocus.com/bid/21383 http: •
CVE-2005-3714
https://notcve.org/view.php?id=CVE-2005-3714
The network interface for Apple AirPort Express 6.x before Firmware Update 6.3, and AirPort Extreme 5.x before Firmware Update 5.7, allows remote attackers to cause a denial of service (unresponsive interface) via malformed packets. • http://lists.apple.com/archives/security-announce/2006/Jan/msg00000.html http://secunia.com/advisories/18319 http://securitytracker.com/id?1015443 http://www.osvdb.org/22244 http://www.securityfocus.com/bid/16146 http://www.vupen.com/english/advisories/2006/0064 • CWE-399: Resource Management Errors •
CVE-2005-0289
https://notcve.org/view.php?id=CVE-2005-0289
Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, configured as a Wireless Data Service (WDS), allows remote attackers to cause a denial of service (device freeze) by connecting to UDP port 161 and before link-state change occurs. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030832.html http://marc.info/?l=bugtraq&m=110582124528867&w=2 http://secunia.com/advisories/13753 http://www.securityfocus.com/bid/12152 https://exchange.xforce.ibmcloud.com/vulnerabilities/18865 •