News Stay informed about the latest enterprise technology news and product updates.

Apple fixes flaws in AirPort Extreme Base Station

Attackers could exploit a pair of flaws in Apple's AirPort Extreme Base Station to bypass security restrictions and access sensitive data. Apple has released a fix.

Apple Inc. has fixed two AirPort Extreme Base Station flaws attackers could exploit to bypass security restrictions...

and access sensitive data.

According to the French Security Incident Response Team (FrSIRT), the first problem is a design error within the default configuration that allows incoming IPv6 connections and traffic to the local network, which could expose network services on hosts connected through a vulnerable station.

"This update addresses the issue by changing the default setting to limit inbound IPv6 traffic to the local network," Apple said in its advisory.

The second problem is an error in the AirPort Disk feature that fails to properly validate access requests. "An issue in the AirPort Disk feature allows users on the local network to view file names -- but not their contents -- on a password-protected disk without providing a password," Apple said.

The flaws affect AirPort Extreme Base Station versions prior to 7.1. Upgrading to firmware version 7.1 will correct the problem.

Both issues only affect the AirPort Extreme Base Station with 802.11n, Apple noted.

Dig Deeper on Wireless network security

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.