381 matches found
SOL15679 - UEFI EDK2 Capsule Update vulnerabilities CVE-2014-4859 / CVE-2014-4860
Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
UEFI EDK2 Capsule Update vulnerabilities
Overview The EDK2 UEFI reference implementation contains multiple vulnerabilities in the Capsule Update mechanism. Description The open source EDK2 project provides a reference implementation of the Unified Extensible Firmware Interface UEFI. Researchers at The MITRE Corporation have discovered...
Apple AirPort / Time Capsule 帧处理拒绝服务漏洞
CVECAN ID: CVE-2013-5132 Apple Time Capsule是无线的附加到网络的存储设备,组合了Apple生产的无线内置网关路由。Apple AirPort Extreme是针对家庭、学校和小型企业的无线解决方案。 Apple AirPort、Time Capsule 7.6.4之前版本在处理帧时存在错误,本地攻击者发送长度不正确的特制小帧,利用此漏洞可造成意外基站系统中断,导致拒绝服务。 0 Apple Time Capsule 7.6.4 Apple AirPort Express Firmware 7.6.4 厂商补丁: Apple -----...
APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4 AirPort Base Station Firmware Update 7.6.4 is now available and addresses the following: Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with...
Authentication flaw
Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume...
CVE-2012-0675
Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume...
CVE-2011-3462
Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803...
Design/Logic Flaw
Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803...
CVE-2011-3462
Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803...
CVE-2011-3462
CVE-2011-3462 affects Time Machine in Apple Mac OS X prior to 10.7.3. The vulnerability is due to OS X not verifying the unique identifier of a remote AFP volume/Time Capsule, allowing a remote attacker to spoof the storage object and access new backups. Connected sources confirm the issue and in...
APPLE-SA-2011-11-10-2 Time Capsule and AirPort Base Station (802.11n) Firmware 7.6
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-11-10-2 Time Capsule and AirPort Base Station 802.11n Firmware 7.6 Time Capsule and AirPort Base Station 802.11n Firmware 7.6 is now available and addresses the following: Available for: AirPort Extreme Base Station with 802.11n, AirPort...
Apple Time Capsule and AirPort Base Station (802.11n) Firmware < 7.6 (APPLE-SA-2011-11-10-2)
According to the firmware version collected via SNMP, the copy of dhclient-script included with the remote Apple Time Capsule / AirPort Express Base Station / AirPort Extreme Base Station reportedly fails to strip shell meta-characters in a hostname obtained from a DHCP response. A remote attacke...
CVE-2009-2189
The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of 1 Router Advertisement and 2 Neighbor Discovery packets, which allows remote attackers to cause a denial of service resource...
Command injection
The Application-Level Gateway ALG on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 modifies PORT commands in incoming FTP traffic, which allows remote attackers to use the device's IP address for arbitrary intranet TCP traffic by...
CVE-2009-2189
The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of 1 Router Advertisement and 2 Neighbor Discovery packets, which allows remote attackers to cause a denial of service resource...
CVE-2009-2189
The CVE-2009-2189 affects Apple Time Capsule , AirPort Extreme Base Station , and AirPort Express Base Station with firmware before 7.5.2. The ICMPv6 implementation does not limit the rate of (1) Router Advertisement and (2) Neighbor Discovery packets, enabling a remote attacker on the same netwo...
CVE-2010-1804
CVE-2010-1804 affects Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware
CVE-2009-2189
The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of 1 Router Advertisement and 2 Neighbor Discovery packets, which allows remote attackers to cause a denial of service resource...
CVE-2010-0039
The CVE-2010-0039 issue affects Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station firmware prior to 7.5.2. The root cause is that the Application‑Level Gateway (ALG) modifies PORT commands in incoming FTP traffic, enabling a remote attacker to use the device’s IP ...
Apple Time Capsule and AirPort Base Station Firmware < 7.5.2 (APPLE-SA-2010-12-16-1)
According to the firmware version collected via SNMP, the remote Apple Time Capsule / AirPort Base Station / AirPort Extreme Base Station is affected by multiple remote vulnerabilities. - An integer overflow exists in the 'netsnmpcreatesubtreecache' function that can be exploited using a speciall...