ID CVE-2010-1804
Summary Unspecified vulnerability in the network bridge functionality on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 allows remote attackers to cause a denial of service (networking outage) via a crafted DHCP reply.
References
Vulnerable Configurations
  • cpe:2.3:h:apple:airport_express_base_station_firmware:3.84:*:*:*:*:*:*:*
    cpe:2.3:h:apple:airport_express_base_station_firmware:3.84:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:airport_express_base_station_firmware:4.0.9:*:*:*:*:*:*:*
    cpe:2.3:h:apple:airport_express_base_station_firmware:4.0.9:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:airport_express_base_station_firmware:6.1:*:*:*:*:*:*:*
    cpe:2.3:h:apple:airport_express_base_station_firmware:6.1:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:airport_express_base_station_firmware:6.3:*:*:*:*:*:*:*
    cpe:2.3:h:apple:airport_express_base_station_firmware:6.3:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:airport_express_base_station_firmware:7.3.2:*:*:*:*:*:*:*
    cpe:2.3:h:apple:airport_express_base_station_firmware:7.3.2:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:airport_express_base_station_firmware:7.4.1:*:*:*:*:*:*:*
    cpe:2.3:h:apple:airport_express_base_station_firmware:7.4.1:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.5:*:*:*:*:*:*:*
    cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.5:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.7:*:*:*:*:*:*:*
    cpe:2.3:h:apple:airport_extreme_base_station_firmware:5.7:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:airport_express:*:*:*:*:*:*:*:*
    cpe:2.3:h:apple:airport_express:*:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:airport_extreme:*:*:*:*:*:*:*:*
    cpe:2.3:h:apple:airport_extreme:*:*:*:*:*:*:*:*
  • cpe:2.3:h:apple:time_capsule:*:*:*:*:*:*:*:*
    cpe:2.3:h:apple:time_capsule:*:*:*:*:*:*:*:*
CVSS
Base: 7.1 (as of 19-01-2011 - 06:57)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:C
refmap via4
apple APPLE-SA-2010-12-16-1
confirm http://support.apple.com/kb/HT4298
sectrack 1024907
Last major update 19-01-2011 - 06:57
Published 22-12-2010 - 03:00
Last modified 19-01-2011 - 06:57
Back to Top