Lucene search

[email protected]CVE-2007-1338

HistoryMar 08, 2007 - 10:19 p.m.

CVE-2007-1338

2007-03-0822:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

apple

airport extreme

ipv6

tunnel

access restrictions

security vulnerability

cve-2007-1338

6.5 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.2%

JSON

The default configuration of the AirPort utility in Apple AirPort Extreme creates an IPv6 tunnel but does not enable the “Block incoming IPv6 connections” setting, which might allow remote attackers to bypass intended access restrictions by establishing IPv6 sessions that would have been rejected over IPv4.

CPENameOperatorVersion
apple:airport_extremeapple airport extremeeq7.1

CPE	Name	Operator	Version
apple:airport_extreme	apple airport extreme	eq	7.1

References

arstechnica.com/journals/apple.ars/2007/2/14/7063

docs.info.apple.com/article.html?artnum=305366

lists.apple.com/archives/security-announce/2007/Apr/msg00000.html

osvdb.org/34843

secunia.com/advisories/24830

www.securitytracker.com/id?1017889

www.vupen.com/english/advisories/2007/1308

exchange.xforce.ibmcloud.com/vulnerabilities/33526

6.5 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2007-1338

securityvulns1 prion1 cvelist1