Apple plugs Airport Extreme Base Station firmware flaw

Apple has patched a denial of service vulnerability in its Airport Extreme Base Station firmware.In an advisory Wednesday Apple said firmware version 7.

Apple has patched a denial of service vulnerability in its Airport Extreme Base Station firmware.

In an advisory Wednesday Apple said firmware version 7.3.1 patches a vulnerability where a "maliciously crafted AFP request may lead to a denial of service."

Here's the description for CVE-2008-1012:

An input validation issue exists in the AirPort Extreme Base Station's handling of AFP requests, which may cause file sharing to become unresponsive. This update addresses the issue by performing additional validation of AFP requests. This issue does not affect Time Capsule or AirPort Express. The fix for this issue is available in the following separate updates: - - AirPort Extreme with 802.11n (Fast Ethernet) 7.3.1 - - AirPort Extreme with 802.11n (Gigabit Ethernet) 7.3.1 Credit to Alex deVries for reporting this issue.

The firmware update is the latest in a busy patch week for Apple, which updated Safari and OS X to plug security vulnerabilities. David Morgenstern has more on the functionality of the Airport update and has followed up on issues resulting from the other patches from Apple this week.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All