Sign-up

ID

VAR-201607-0147


CVE

CVE-2015-7029


TITLE

Apple AirPort Base Station Memory Corruption Vulnerability

Trust: 1.4

sources: CNVD: CNVD-2016-04234 // JVNDB: JVNDB-2016-003312

DESCRIPTION

Apple AirPort Base Station Firmware before 7.6.7 and 7.7.x before 7.7.7 misparses DNS data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Apple AirPort Base Station is a Wi-Fi base station product from Apple Inc. of the United States. The product supports streaming music and wireless printing. The vulnerability results from a program that fails to resolve DNS data correctly. Failed exploit attempts may result in a denial-of-service condition. This issue was addressed through improved bounds checking. CVE-2015-7029 : Alexandre Helie Installation note for Firmware version 7.6.7 and 7.7.7 Firmware version 7.6.7 and 7.7.7 is installed on AirPort Express, AirPort Extreme and AirPort Time Capsule with 802.11n and AirPort Extreme and AirPort Time Capsule base stations with 802.11ac using AirPort Utility for Mac or iOS. Use AirPort Utility 6.3.1 or later on OS X, or AirPort Utility 1.3.1 or later on iOS to upgrade to Firmware version 7.6.7 and 7.7.7. AirPort Utility for Mac is a free download from http://www.apple.com/support/downloads/ and AirPort Utility for iOS is a free download from the App Store. -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXaEXFAAoJEIOj74w0bLRGGtsQAJNPs0WhD2J6HC1VOtiswx/D zyLyMKtkLc0NSbaIZtEOtvnEnJa2cEmkpZBkiGJ+Jjf6CnNKiC/+SXaETDldyL2j 6IFyuUFoSIv2ZsGU4xZVdpQJXGV7N7Az79nBQEPjWLqP/mDKx5b7KoysCQko1xPz mOvse17fCK7cwUjLFb0K1AHjq+1moNimUF/QEgfTZNnQp6zcHZ/ultZWYXVIhjYf Ev10eGVSC33joiqDSNW7a64PDz8KFBSs7zu96oH4S5M7xyY43izF/i81vAaF8Xgh W5kvI5U7omoUvNydVahsoN5o8IcDBjzEHxt2rE9lQustJUcyf15Yg9Z0uYwgXxk+ oLQwpD85vpyQrTneFHGTkiv13r8WQ+e5db7OSpLj7n+12WVC/Qlad7rTpeTFTQRu 08idWidZA6eZPPKHt7vlVdF0uci/eyXHoz34GDoZlijuRLdb8zYBE2svdRvjJgmV whPxjYRdLGU7Ei2iw/NqixUPa8ZWIS6aMEa9scsj2z0ClzwI0Ro+d72J0cui/tzf zrsmR78KIUWc0IiCV76TM/U9jH2TQ8ld5T0hdYnHyI7sU++Tfu2nZpN4sijIsvdz BP8QKCTTIt94OXMN0OBuDqZ7Xn25KBwXsWaPo8vU71O/rgnxZETUGE4cE91FZ9Zh TSW/TU0d6PMcGRZ/fRdM =iDOP -----END PGP SIGNATURE-----

Trust: 2.7

sources: NVD: CVE-2015-7029 // JVNDB: JVNDB-2016-003312 // CNVD: CNVD-2016-04234 // BID: 91318 // VULHUB: VHN-84990 // VULMON: CVE-2015-7029 // PACKETSTORM: 137570

AFFECTED PRODUCTS

vendor:applemodel:airport base stationscope:eqversion:7.7.0

Trust: 1.6

vendor:applemodel:airport base stationscope:eqversion:7.7.3

Trust: 1.6

vendor:applemodel:airport base stationscope:lteversion:7.6.4

Trust: 1.0

vendor:applemodel:airmac base stationscope:ltversion:7.6.7 earlier

Trust: 0.8

vendor:applemodel:airmac base stationscope:ltversion:7.7.7 earlier

Trust: 0.8

vendor:applemodel:airport base stationscope:ltversion:7.6.7

Trust: 0.6

vendor:applemodel:airport base stationscope:ltversion:7.7.7

Trust: 0.6

vendor:applemodel:airport base stationscope:eqversion:7.6.4

Trust: 0.6

vendor:applemodel:airport extremescope:eqversion:0

Trust: 0.3

vendor:applemodel:airport expressscope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2016-04234 // BID: 91318 // JVNDB: JVNDB-2016-003312 // CNNVD: CNNVD-201606-479 // NVD: CVE-2015-7029

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-7029
value: CRITICAL

Trust: 1.0

IPA: JVNDB-2016-003312
value: HIGH

Trust: 0.8

CNVD: CNVD-2016-04234
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201606-479
value: CRITICAL

Trust: 0.6

VULHUB: VHN-84990
value: HIGH

Trust: 0.1

VULMON: CVE-2015-7029
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-7029
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

IPA: JVNDB-2016-003312
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2016-04234
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-84990
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-7029
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2016-003312
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2016-04234 // VULHUB: VHN-84990 // VULMON: CVE-2015-7029 // JVNDB: JVNDB-2016-003312 // CNNVD: CNNVD-201606-479 // NVD: CVE-2015-7029

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.1

sources: VULHUB: VHN-84990 // NVD: CVE-2015-7029

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201606-479

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201606-479

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-003312

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:APPLE-SA-2016-06-20-1 AirPort Base Station Firmware Update 7.6.7 and 7.7.7url:http://lists.apple.com/archives/security-announce/2016/Jun/msg00000.html
Trust: 0.8
title:HT206849url:https://support.apple.com/en-us/HT206849
Trust: 0.8
title:HT206849url:https://support.apple.com/ja-jp/HT206849
Trust: 0.8
title:Patch for Apple AirPort Base Station Memory Corruption Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/78018
Trust: 0.6
title:Apple AirPort Base Station Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62405
Trust: 0.6
title:Apple: AirPort Base Station Firmware Update 7.6.7 and 7.7.7url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=c804b742fffe69934e190558d5f92442
Trust: 0.1
title:Threatposturl:https://threatpost.com/apple-patches-airport-remote-code-execution-flaw/118787/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-04234 // 
            
            
            
            VULMON: CVE-2015-7029 // 
            
            
            
            JVNDB: JVNDB-2016-003312 // 
            
            
            
            CNNVD: CNNVD-201606-479

EXTERNAL IDS
db:NVDid:CVE-2015-7029
Trust: 3.6
db:AUSCERTid:ESB-2016.1562
Trust: 1.2
db:SECTRACKid:1036136
Trust: 1.2
db:JVNid:JVNVU92564194
Trust: 0.8
db:JVNDBid:JVNDB-2016-003312
Trust: 0.8
db:CNNVDid:CNNVD-201606-479
Trust: 0.7
db:CNVDid:CNVD-2016-04234
Trust: 0.6
db:BIDid:91318
Trust: 0.4
db:PACKETSTORMid:137570
Trust: 0.2
db:VULHUBid:VHN-84990
Trust: 0.1
db:VULMONid:CVE-2015-7029
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-04234 // 
            
            
            
            VULHUB: VHN-84990 // 
            
            
            
            VULMON: CVE-2015-7029 // 
            
            
            
            BID: 91318 // 
            
            
            
            JVNDB: JVNDB-2016-003312 // 
            
            
            
            PACKETSTORM: 137570 // 
            
            
            
            CNNVD: CNNVD-201606-479 // 
            
            
            
            NVD: CVE-2015-7029

REFERENCES
url:http://lists.apple.com/archives/security-announce/2016/jun/msg00000.html
Trust: 1.8
url:http://www.auscert.org.au/./render.html?it=36050
Trust: 1.2
url:https://support.apple.com/ht206849
Trust: 1.2
url:http://www.securitytracker.com/id/1036136
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7029
Trust: 0.8
url:http://jvn.jp/cert/jvnvu92564194
Trust: 0.8
url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7029
Trust: 0.8
url:https://support.apple.com/kb/ht206849
Trust: 0.7
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.securityfocus.com/bid/91318
Trust: 0.1
url:https://threatpost.com/apple-patches-airport-remote-code-execution-flaw/118787/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-7029
Trust: 0.1
url:http://www.apple.com/support/downloads/
Trust: 0.1
url:https://gpgtools.org
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-04234 // 
            
            
            
            VULHUB: VHN-84990 // 
            
            
            
            VULMON: CVE-2015-7029 // 
            
            
            
            JVNDB: JVNDB-2016-003312 // 
            
            
            
            PACKETSTORM: 137570 // 
            
            
            
            CNNVD: CNNVD-201606-479 // 
            
            
            
            NVD: CVE-2015-7029

CREDITS
Alexandre Helie
Trust: 0.3
sources:
            
            
            BID: 91318

SOURCES
db:CNVDid:CNVD-2016-04234
db:VULHUBid:VHN-84990
db:VULMONid:CVE-2015-7029
db:BIDid:91318
db:JVNDBid:JVNDB-2016-003312
db:PACKETSTORMid:137570
db:CNNVDid:CNNVD-201606-479
db:NVDid:CVE-2015-7029

LAST UPDATE DATE
2025-04-13T23:26:37.878000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-04234date:2016-06-23T00:00:00
db:VULHUBid:VHN-84990date:2017-09-01T00:00:00
db:VULMONid:CVE-2015-7029date:2017-09-01T00:00:00
db:BIDid:91318date:2016-07-06T15:01:00
db:JVNDBid:JVNDB-2016-003312date:2016-07-12T00:00:00
db:CNNVDid:CNNVD-201606-479date:2016-07-04T00:00:00
db:NVDid:CVE-2015-7029date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-04234date:2016-06-23T00:00:00
db:VULHUBid:VHN-84990date:2016-07-03T00:00:00
db:VULMONid:CVE-2015-7029date:2016-07-03T00:00:00
db:BIDid:91318date:2016-06-20T00:00:00
db:JVNDBid:JVNDB-2016-003312date:2016-06-23T00:00:00
db:PACKETSTORMid:137570date:2016-06-21T08:09:16
db:CNNVDid:CNNVD-201606-479date:2016-06-21T00:00:00
db:NVDid:CVE-2015-7029date:2016-07-03T01:59:01.657