Apple has rolled out a firmware update to fix a pair of security vulnerabilities in the Airport Extreme Base Station.
The most serious of the two -- a weakness in the way the default configuration of Airport Extreme handles IPv6 connections -- could allow remote hackers to bypass certain access restrictions.
"This may expose network services on hosts connected through an AirPort Extreme Base Station with 802.11n to remote attackers," Apple said in an advisory.
The second vulnerability, in the Airport Disk feature, could allow users on the local network to view filenames (but not their contents) on a password-protected disk without providing a password. AirPort Disk allows the sharing of files from a USB hard drive connected to a compatible base station. only affects AirPort Extreme Base Station with 802.11n*, and not other versions of the Base Station.
The two issues only apply to AirPort Extreme Base Station with 802.11n. Other versions of the Base Station are not affected.
These are the 63rd and 64th vulnerabilities fixed by Apple in 2007.