Sign-up

ID

VAR-E-201012-0906


CVE

cve_id:CVE-2009-2189

Trust: 0.3

sources: BID: 45490

TITLE

Apple Time Capsule and AirPort Base Station (CVE-2009-2189) Remote Denial of Service Vulnerability

Trust: 0.3

sources: BID: 45490

DESCRIPTION

Apple Time Capsule and AirPort Base Station are prone to a remote denial-of-service vulnerability when handling an overly large quantity of Router Advertisement (RA) and Neighbor Discovery (ND) packets.
An attacker can exploit this issue to cause an affected device to restart, triggering a denial-of-service condition for legitimate users.
Apple Time Capsule and AirPort Base Station running firmware versions prior to 7.5.2 are affected.
NOTE: This issue was previously discussed in BID 45466 (Apple Time Capsule and AirPort Base Station Multiple Remote Vulnerabilities) but has been given its own record to better document it.

Trust: 0.3

sources: BID: 45490

AFFECTED PRODUCTS

vendor:applemodel:time capsulescope:eqversion:7.5

Trust: 0.3

vendor:applemodel:time capsulescope:eqversion:7.4.2

Trust: 0.3

vendor:applemodel:time capsulescope:eqversion:7.4.1

Trust: 0.3

vendor:applemodel:time capsulescope:eqversion:0

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:7.4.2

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:7.3.1

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:7.2.1

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:5.7

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:5.5

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:7.5

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:7.1

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:7.0

Trust: 0.3

vendor:applemodel:airport extreme base station with 802.11nscope:eqversion:7.4.1

Trust: 0.3

vendor:applemodel:airport extreme base stationscope:eqversion:0

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:5.4.1

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:5.0.4

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:5.0.3

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:5.4+

Trust: 0.3

vendor:applemodel:airport extremescope:eqversion:0

Trust: 0.3

vendor:applemodel:airport express base station with 802.11nscope:eqversion:7.4.1

Trust: 0.3

vendor:applemodel:airport expressscope:eqversion:0

Trust: 0.3

vendor:applemodel:time capsulescope:neversion:7.5.2

Trust: 0.3

vendor:applemodel:airport extreme base station with 802.11nscope:neversion:7.5.2

Trust: 0.3

vendor:applemodel:airport express base station with 802.11nscope:neversion:7.5.2

Trust: 0.3

sources: BID: 45490

EXPLOIT

An attacker can exploit this issue with readily available network utilities.

Trust: 0.3

sources: BID: 45490

PRICE

Free

Trust: 0.3

sources: BID: 45490

TYPE

Unknown

Trust: 0.3

sources: BID: 45490

CREDITS

Shoichi Sakane of the KAME project, Kanai Akira of Internet Multifeed Co., Shirahata Shin and Rodney Van Meter of Keio University, and Tatuya Jinmei of Internet Systems Consortium, Inc.

Trust: 0.3

sources: BID: 45490

EXTERNAL IDS

db:NVDid:CVE-2009-2189

Trust: 0.3

db:BIDid:45490

Trust: 0.3

sources: BID: 45490

REFERENCES

url:http://software.cisco.com/download/navigator.html?mdfid=283613663

Trust: 0.3

sources: BID: 45490

SOURCES

db:BIDid:45490

LAST UPDATE DATE

2022-07-27T09:35:55.198000+00:00


SOURCES UPDATE DATE

db:BIDid:45490date:2010-12-16T00:00:00

SOURCES RELEASE DATE

db:BIDid:45490date:2010-12-16T00:00:00