ID

VAR-200703-0045


CVE

CVE-2007-1338


TITLE

Vulnerability in the default settings of the AirPort utility in Apple AirPort Extreme that bypasses access restrictions

Trust: 0.8

sources: JVNDB: JVNDB-2007-001668

DESCRIPTION

The default configuration of the AirPort utility in Apple AirPort Extreme creates an IPv6 tunnel but does not enable the "Block incoming IPv6 connections" setting, which might allow remote attackers to bypass intended access restrictions by establishing IPv6 sessions that would have been rejected over IPv4. AirPort Extreme is prone to a security bypass vulnerability.

----------------------------------------------------------------------

TITLE: Apple AirPort Extreme Base Station Two Weaknesses
SECUNIA ADVISORY ID: SA24830
VERIFY ADVISORY: http://secunia.com/advisories/24830/
CRITICAL: Less critical
IMPACT: Security Bypass, Exposure of system information, Exposure of sensitive information
WHERE: From remote
OPERATING SYSTEM: Apple Airport Extreme http://secunia.com/product/4504/
DESCRIPTION: Two weaknesses have been reported in Apple AirPort Extreme Base Station, which can be exploited by malicious people to bypass certain security restrictions or to disclose certain sensitive information.
2) An unspecified error in the AirPort Disk Feature of AirPort Extreme Base Stations with 802.11n can be exploited to disclose filenames on password-protected disks.
Successful exploitation of weakness #2 requires access to the local network.
SOLUTION: Update to firmware version 7.1. http://www.apple.com/support/downloads/airportextremebasestationwith80211nfirmware71.html
PROVIDED AND/OR DISCOVERED BY: 1) Iljitsch van Beijnum 2) Reported by the vendor
ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=305366 1) http://arstechnica.com/journals/apple.ars/2007/2/14/7063

Trust: 2.07

sources: NVD: CVE-2007-1338 // JVNDB: JVNDB-2007-001668 // BID: 86542 // VULHUB: VHN-24700 // PACKETSTORM: 55805

AFFECTED PRODUCTS

vendor: apple, model: airport extreme, scope: eq, version: 7.1

Trust: 1.9

vendor: apple, model: airport extreme, scope: -, version: -

Trust: 0.8

sources: BID: 86542 // JVNDB: JVNDB-2007-001668 // CNNVD: CNNVD-200703-270 // NVD: CVE-2007-1338

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-1338
value: HIGH

Trust: 1.0

NVD: CVE-2007-1338
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200703-270
value: HIGH

Trust: 0.6

VULHUB: VHN-24700
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-1338
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-24700
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-24700 // JVNDB: JVNDB-2007-001668 // CNNVD: CNNVD-200703-270 // NVD: CVE-2007-1338

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-1338

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200703-270

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200703-270

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-001668

PATCH

title: APPLE-SA-2007-04-09, url: http://lists.apple.com/archives/security-announce/2007/Apr/msg00000.html

Trust: 0.8

sources: JVNDB: JVNDB-2007-001668

EXTERNAL IDS

db: NVD, id: CVE-2007-1338

Trust: 2.8

db: SECTRACK, id: 1017889

Trust: 2.0

db: SECUNIA, id: 24830

Trust: 1.8

db: OSVDB, id: 34843

Trust: 1.7

db: VUPEN, id: ADV-2007-1308

Trust: 1.7

db: XF, id: 33526

Trust: 0.9

db: JVNDB, id: JVNDB-2007-001668

Trust: 0.8

db: CNNVD, id: CNNVD-200703-270

Trust: 0.7

db: APPLE, id: APPLE-SA-2007-04-09

Trust: 0.6

db: XF, id: 6

Trust: 0.6

db: BID, id: 86542

Trust: 0.4

db: VULHUB, id: VHN-24700

Trust: 0.1

db: PACKETSTORM, id: 55805

Trust: 0.1

sources: VULHUB: VHN-24700 // BID: 86542 // JVNDB: JVNDB-2007-001668 // PACKETSTORM: 55805 // CNNVD: CNNVD-200703-270 // NVD: CVE-2007-1338

REFERENCES

url:http://docs.info.apple.com/article.html?artnum=305366

Trust: 2.1

url:http://arstechnica.com/journals/apple.ars/2007/2/14/7063

Trust: 2.1

url:http://lists.apple.com/archives/security-announce/2007/apr/msg00000.html

Trust: 2.0

url:http://www.securitytracker.com/id?1017889

Trust: 2.0

url:http://osvdb.org/34843

Trust: 1.7

url:http://secunia.com/advisories/24830

Trust: 1.7

url:http://www.vupen.com/english/advisories/2007/1308

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/33526

Trust: 1.1

url:http://xforce.iss.net/xforce/xfdb/33526

Trust: 0.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1338

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1338

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2007/1308

Trust: 0.6

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://corporate.secunia.com/trial/38/request/

Trust: 0.1

url:http://www.apple.com/support/downloads/airportextremebasestationwith80211nfirmware71.html

Trust: 0.1

url:http://secunia.com/advisories/24830/

Trust: 0.1

url:http://secunia.com/product/4504/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-24700 // BID: 86542 // JVNDB: JVNDB-2007-001668 // PACKETSTORM: 55805 // CNNVD: CNNVD-200703-270 // NVD: CVE-2007-1338

CREDITS

Unknown

Trust: 0.3

sources: BID: 86542

SOURCES

db: VULHUB, id: VHN-24700
db: BID, id: 86542
db: JVNDB, id: JVNDB-2007-001668
db: PACKETSTORM, id: 55805
db: CNNVD, id: CNNVD-200703-270
db: NVD, id: CVE-2007-1338

LAST UPDATE DATE

2025-04-10T20:25:30.960000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-24700, date: 2017-07-29T00:00:00
db: BID, id: 86542, date: 2007-03-08T00:00:00
db: JVNDB, id: JVNDB-2007-001668, date: 2012-06-26T00:00:00
db: CNNVD, id: CNNVD-200703-270, date: 2007-03-09T00:00:00
db: NVD, id: CVE-2007-1338, date: 2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db: VULHUB, id: VHN-24700, date: 2007-03-08T00:00:00
db: BID, id: 86542, date: 2007-03-08T00:00:00
db: JVNDB, id: JVNDB-2007-001668, date: 2012-06-26T00:00:00
db: PACKETSTORM, id: 55805, date: 2007-04-11T02:12:21
db: CNNVD, id: CNNVD-200703-270, date: 2007-03-08T00:00:00
db: NVD, id: CVE-2007-1338, date: 2007-03-08T22:19:00