CVE-2007-1338
Summary
| CVE | CVE-2007-1338 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-03-08 22:19:00 UTC |
| Updated | 2017-07-29 01:30:00 UTC |
| Description | The default configuration of the AirPort utility in Apple AirPort Extreme creates an IPv6 tunnel but does not enable the "Block incoming IPv6 connections" setting, which might allow remote attackers to bypass intended access restrictions by establishing IPv6 sessions that would have been rejected over IPv4. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Apple | Airport Extreme | 7.1 | All | All | All |
| Hardware | Apple | Airport Extreme | 7.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| SecurityTracker.com Archives - AirPort Extreme Base Station with 802.11n Discloses Filenames to Remote Users and Allows Incoming IPv6 Connections | SECTRACK | www.securitytracker.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| New Airport Extreme could expose Macs via IPv6 | MISC | arstechnica.com | |
| About the security content of Firmware Update 7.1 for AirPort Extreme Base Station with 802.11n | CONFIRM | docs.info.apple.com | |
| APPLE-SA-2007-04-09 Firmware version 7.1 for AirPort Extreme Base Station with 802.11n* | APPLE | lists.apple.com | |
| 34843 | OSVDB | osvdb.org | |
| Apple AirPort Extreme Base Station Two Weaknesses - Advisories - Secunia | SECUNIA | secunia.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.