Lucene search

[email protected]NVD:CVE-2009-2189

HistoryDec 22, 2010 - 3:00 a.m.

CVE-2009-2189

2010-12-2203:00:01

CWE-399

[email protected]

web.nvd.nist.gov

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

6.3 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.2%

JSON

The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of (1) Router Advertisement and (2) Neighbor Discovery packets, which allows remote attackers to cause a denial of service (resource consumption and device restart) by sending many packets.

Affected configurations

NVD

Node

appleairport_express_base_station_firmwareRange≤7.4.2

appleairport_express_base_station_firmwareMatch3.84

appleairport_express_base_station_firmwareMatch4.0.9

appleairport_express_base_station_firmwareMatch6.1

appleairport_express_base_station_firmwareMatch6.3

appleairport_express_base_station_firmwareMatch7.3.2

appleairport_express_base_station_firmwareMatch7.4.1

appleairport_extreme_base_station_firmwareMatch5.5

appleairport_extreme_base_station_firmwareMatch5.7

AND

appleairport_express

appleairport_extreme

appletime_capsule

References

lists.apple.com/archives/security-announce/2010//Dec/msg00001.html

support.apple.com/kb/HT4298

www.securitytracker.com/id?1024907

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

6.3 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.2%

JSON

Related for NVD:CVE-2009-2189

cve1 jvn1 prion1 cvelist1 nessus1