Apple Airport Extreme Wi-Fi flaw triggers kernel panic

A new vulnerability in Apple's Airport Extreme dealing with 802.11 beacon frames has been partially disclosed by the MoKB project.  The discovery was made by researcher LMH (who started the MoKB) on 11/6/2006 and was reported to Apple on 11/25/2006 with case number #4849XXX.  It's currently rated as a "denial of service" flaw though "other security implications" may indicate more serious flaws that haven't been disclosed yet.

LMH and Apple have agreed to keep details of this vulnerability private until the fix has been made available to end users.  The proof of concept for a Metasploit 3.0 module may become available after the patch is released.  The issue was verified on an Intel-based Macbook running Mac OS X 10.4.8.

This comes on the heals of Apple patching 31 issues including a zero-day Wi-Fi flaw with Apple's Airport drivers (non-Extreme version).  Those 31 patches Apple did not address the Adware flaw that allowed a system library to install without any user prompting nor did it patch the DMG zero-day flaw.