Lucene search
AppleCVELIST:CVE-2014-4364HistorySep 18, 2014 - 10:00 a.m.
CVE-2014-4364
2014-09-1810:00:00
apple
www.cve.org
The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash.
References
archives.neohapsis.com/archives/bugtraq/2014-09/0106.html
archives.neohapsis.com/archives/bugtraq/2014-09/0107.html
archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
support.apple.com/kb/HT6441
support.apple.com/kb/HT6442
www.securityfocus.com/bid/69882
www.securityfocus.com/bid/69913
www.securitytracker.com/id/1030866
exchange.xforce.ibmcloud.com/vulnerabilities/96097
support.apple.com/kb/HT6535
Related
cve
cve
CVE-2014-4364
2014-09-18 10:55:08
prion
prion
Authentication flaw
2014-09-18 10:55:00
nvd
nvd
CVE-2014-4364
2014-09-18 10:55:08
securityvulns
securityvulns
Apple TV multiple security vulnerabilities
2014-09-21 00:00:00
APPLE-SA-2014-09-17-2 Apple TV 7
2014-09-21 00:00:00
APPLE-SA-2014-10-16-1 OS X Yosemite v10.10
2014-10-18 00:00:00
nessus
nessus
Apple TV < 7 Multiple Vulnerabilities
2014-09-24 00:00:00
Mac OS X < 10.10 Multiple Vulnerabilities (POODLE) (Shellshock)
2014-10-17 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT203112)
2022-09-02 00:00:00