ID

VAR-200612-0713


CVE

CVE-2006-6292


TITLE

Apple Airport Extreme fails to properly process 802.11 frames

Trust: 0.8

sources: CERT/CC: VU#583552

DESCRIPTION

Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service (out-of-bounds memory access and kernel panic) and have possibly other security-related impact via certain beacon frames.

A vulnerability exists in the Apple AirPort Extreme wireless driver that may allow an attacker to crash a vulnerable system. Successful exploits may allow remote attackers to crash affected computers, denying further service to legitimate users. Attackers may also be able to execute code, but this has not been confirmed. This issue affects the Core Duo versions of Mac Mini, MacBook, and MacBook Pro Computers. Other Mac computers, including Core Duo 2 versions are not affected.

----------------------------------------------------------------------

TITLE: Apple AirPort Beacon Frame Denial of Service
SECUNIA ADVISORY ID: SA23159
VERIFY ADVISORY: http://secunia.com/advisories/23159/
CRITICAL: Less critical
IMPACT: DoS
WHERE: From remote
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: LMH has reported a vulnerability in the Apple AirPort Extreme driver, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability exists due to an error in the handling of beacon frames and can be exploited to cause a kernel panic. Other versions may also be affected.
SOLUTION: Do not use wireless with affected systems.
PROVIDED AND/OR DISCOVERED BY: LMH
ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-30-11-2006.html

Trust: 2.79

sources: NVD: CVE-2006-6292 // CERT/CC: VU#583552 // JVNDB: JVNDB-2006-001687 // BID: 21383 // VULHUB: VHN-22400 // PACKETSTORM: 52649

AFFECTED PRODUCTS

vendor: apple // model: mac os x // scope: eq // version: 10.4.8

Trust: 1.6

vendor: apple computer // model: - // scope: - // version: -

Trust: 0.8

vendor: apple // model: airport extreme // scope: eq // version: 0.1.27

Trust: 0.8

vendor: apple // model: mac os x // scope: eq // version: mac mini

Trust: 0.8

vendor: apple // model: mac os x // scope: eq // version: macbook

Trust: 0.8

vendor: apple // model: mac os x // scope: eq // version: and macbook pro edition 10.4.8

Trust: 0.8

vendor: apple // model: mac os server // scope: eq // version: x10.4.8

Trust: 0.3

vendor: apple // model: mac os // scope: eq // version: x10.4.8

Trust: 0.3

vendor: apple // model: airport extreme driver // scope: eq // version: 0

Trust: 0.3

sources: CERT/CC: VU#583552 // BID: 21383 // JVNDB: JVNDB-2006-001687 // CNNVD: CNNVD-200612-073 // NVD: CVE-2006-6292

CVSS

SEVERITY

nvd@nist.gov: CVE-2006-6292
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#583552
value: 0.37

Trust: 0.8

NVD: CVE-2006-6292
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200612-073
value: MEDIUM

Trust: 0.6

VULHUB: VHN-22400
value: MEDIUM

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2006-6292
severity: MEDIUM
baseScore: 5.7
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-22400
severity: MEDIUM
baseScore: 5.7
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#583552 // VULHUB: VHN-22400 // JVNDB: JVNDB-2006-001687 // CNNVD: CNNVD-200612-073 // NVD: CVE-2006-6292

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-6292

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-200612-073

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 21383 // CNNVD: CNNVD-200612-073

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-001687

PATCH

title: APPLE-SA-2007-03-08 // url: http://lists.apple.com/archives/Security-announce/2007/Mar/msg00001.html

Trust: 0.8

sources: JVNDB: JVNDB-2006-001687

EXTERNAL IDS

db: CERT/CC // id: VU#583552

Trust: 3.3

db: NVD // id: CVE-2006-6292

Trust: 2.8

db: SECUNIA // id: 23159

Trust: 2.6

db: BID // id: 21383

Trust: 2.0

db: SECTRACK // id: 1017328

Trust: 1.7

db: VUPEN // id: ADV-2006-4822

Trust: 1.7

db: JVNDB // id: JVNDB-2006-001687

Trust: 0.8

db: CNNVD // id: CNNVD-200612-073

Trust: 0.7

db: APPLE // id: APPLE-SA-2007-01-25

Trust: 0.6

db: APPLE // id: APPLE-SA-2007-03-08

Trust: 0.6

db: XF // id: 30663

Trust: 0.6

db: VULHUB // id: VHN-22400

Trust: 0.1

db: PACKETSTORM // id: 52649

Trust: 0.1

sources: CERT/CC: VU#583552 // VULHUB: VHN-22400 // BID: 21383 // JVNDB: JVNDB-2006-001687 // PACKETSTORM: 52649 // CNNVD: CNNVD-200612-073 // NVD: CVE-2006-6292

REFERENCES

url:http://projects.info-pull.com/mokb/mokb-30-11-2006.html

Trust: 2.6

url:http://lists.apple.com/archives/security-announce/2007/jan/msg00001.html

Trust: 2.5

url:http://www.apple.com/support/downloads/airportextremeupdate2007001.html

Trust: 2.5

url:http://www.kb.cert.org/vuls/id/583552

Trust: 2.5

url:http://docs.info.apple.com/article.html?artnum=305031

Trust: 2.0

url:http://lists.apple.com/archives/security-announce/2007/mar/msg00001.html

Trust: 1.7

url:http://www.securityfocus.com/bid/21383

Trust: 1.7

url:http://securitytracker.com/id?1017328

Trust: 1.7

url:http://secunia.com/advisories/23159

Trust: 1.7

url:http://www.vupen.com/english/advisories/2006/4822

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/30663

Trust: 1.1

url:http://secunia.com/advisories/23159/

Trust: 0.9

url:http://en.wikipedia.org/wiki/airport#airport_extreme_card

Trust: 0.8

url:http://docs.info.apple.com/article.html?artnum=305031

Trust: 0.8

url:http://docs.info.apple.com/article.html?artnum=106227

Trust: 0.8

url:http://standards.ieee.org/getieee802/download/802.11g-2003.pdf

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6292

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6292

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2006/4822

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/30663

Trust: 0.6

url:http://software.cisco.com/download/navigator.html?mdfid=283613663

Trust: 0.3

url:http://kernelfun.blogspot.com/2006/11/mokb-30-11-2006-apple-airport-extreme.html

Trust: 0.3

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://corporate.secunia.com/products/48/?r=l

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/product/96/

Trust: 0.1

url:http://corporate.secunia.com/how_to_buy/15/?r=l

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: CERT/CC: VU#583552 // VULHUB: VHN-22400 // BID: 21383 // JVNDB: JVNDB-2006-001687 // PACKETSTORM: 52649 // CNNVD: CNNVD-200612-073 // NVD: CVE-2006-6292

CREDITS

LMH is credited with discovering this issue.

Trust: 0.9

sources: BID: 21383 // CNNVD: CNNVD-200612-073

SOURCES

db: CERT/CC // id: VU#583552
db: VULHUB // id: VHN-22400
db: BID // id: 21383
db: JVNDB // id: JVNDB-2006-001687
db: PACKETSTORM // id: 52649
db: CNNVD // id: CNNVD-200612-073
db: NVD // id: CVE-2006-6292

LAST UPDATE DATE

2024-08-14T14:41:55.291000+00:00


SOURCES UPDATE DATE

db: CERT/CC // id: VU#583552 // date: 2007-02-02T00:00:00
db: VULHUB // id: VHN-22400 // date: 2017-07-29T00:00:00
db: BID // id: 21383 // date: 2007-03-08T22:15:00
db: JVNDB // id: JVNDB-2006-001687 // date: 2012-06-26T00:00:00
db: CNNVD // id: CNNVD-200612-073 // date: 2007-08-07T00:00:00
db: NVD // id: CVE-2006-6292 // date: 2017-07-29T01:29:27.373

SOURCES RELEASE DATE

db: CERT/CC // id: VU#583552 // date: 2007-02-02T00:00:00
db: VULHUB // id: VHN-22400 // date: 2006-12-05T00:00:00
db: BID // id: 21383 // date: 2006-12-01T00:00:00
db: JVNDB // id: JVNDB-2006-001687 // date: 2012-06-26T00:00:00
db: PACKETSTORM // id: 52649 // date: 2006-12-06T02:07:49
db: CNNVD // id: CNNVD-200612-073 // date: 2006-12-05T00:00:00
db: NVD // id: CVE-2006-6292 // date: 2006-12-05T11:28:00