Apple issues an update to fix three security issues affecting its AirPort Base Station and Time Capsule products. The most serious of the issues could allow a remote user to cause a denial of service, inject forged packets and observe private network traffic.
Apple plugged three security
in the latest update of its AirPort Base Station and Time
Capsule products, including a serious vulnerability in the implementation
of the IPv6 Neighbor Discovery Protocol.
The aforementioned bug leaves users open to attack via a maliciously crafted
message due to improper validation of the origin of Neighbor Discovery messages.
According to Apple, a remote user can exploit the situation to cause a
denial of service, observe private network traffic or inject forged packets.
The update resolves the issue by performing additional validation of
The latest releases, Version 7.4.1, also fix two issues that could be
exploited to cause a denial-of-service condition. One is an implementation
issue in the handling of incoming ICMPv6 "Packet Too Big" messages. When IPv6
support is enabled, IPv6 nodes use Internet Control Message Protocol Version 6
(ICMPv6) to report errors encountered while processing packets. Improper
handling of ICMPv6 messages can cause the device to shut down unexpectedly,
The final bug is due to an out-of-bounds memory access issue that exists in
the handling of Point-to-Point Protocol over Ethernet (PPPoE) discovery
packets. An attacker could exploit the vulnerability by sending a maliciously crafted
PPPoE discovery packet.
"Firmware Version 7.4.1 is installed into Time Capsule or AirPort Base
Station with 802.11n via AirPort Utility, provided with the device," according
to Apple. "AirPort Utility 5.4.1 or later should be installed before upgrading
to firmware Version 7.4.1. AirPort Utility 5.4.1 or later may be obtained through the Apple