ID: 3363
Date: 30 August 2007 10:26
Title: 3363 - Firmware version 7.2.1 for AirPort Extreme 802.11n* base stations
Abstract: A design issue exists in the IPv6 protocol's handling of type 0 routing headers.
Vendors affected:APPLE
Availability of fix: Available
Type of fix: Patch
Source: Apple
Reliability of source: Trusted
Source URL: http://docs.info.apple.com/article.html?artnum=61798
CVE: CVE-2007-2242
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2007-08-29 Firmware version 7.2.1 for AirPort Extreme 802.11n* base stations
Firmware version 7.2.1 is now available for AirPort Extreme 802.11n* base stations. (* Based on an IEEE 802.11n draft specification) Further information on the base station is available via:
http://www.apple.com/airportextreme/
Firmware version 7.2.1 fixes the following security issue:
AirPort Extreme Base Station with 802.11n*
CVE-ID: CVE-2007-2242
Available for: AirPort Extreme Base Station with 802.11n*
Impact: Remote attackers may be able to adversely affect network performance
Description: A design issue exists in the IPv6 protocol's handling of type 0 routing headers. Depending on network topology and capacity, the reception of specially crafted IPv6 packets may lead to a reduction in network bandwidth. This update addresses the issue by disabling the support for type 0 routing headers. This issue does not affect the Gigabit Ethernet version of AirPort Extreme Base Station with 802.11n*.
Installation note for Firmware version 7.2.1
Firmware version 7.2.1 is installed into an AirPort Extreme Base Station with 802.11n* by running the AirPort Utility which is provided with the Base Station.
Information will also be posted to the Apple Security Updates web site:
http://docs.info.apple.com/article.html?artnum=61798
This message is signed with Apple's Product Security PGP key, and details are available at:
http://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)
iQEVAwUBRtXM7MgAoqu4Rp5tAQgZ1gf/aPB1d1u6oL9X90fXS3Y9Uwv+/EdaPFNg
9Sd3mv1L2g7/UjXHLF7T6mjGmx303h3nYRX5LvZpU8tfB4t59X67IPjOfp/xkF77
sPgMv2s1eYeLXnKgNd+pCukVcVyeucHqDIo0qDcUukmkVouXFyYMOpD9DhqdgYre
I4ePirMHt+FBHZ5Vz+DZBZtIYTtD5XJY3G14XEYWSMHCNZypTpYxnuweoYP43mt5
MpesCELJE9zotgKKhsTEqaguipFP4z/gqtiRgnxbAeRT3mjc/RnsT4n2u1EBLqBN
3dHwv8mKFbrMIbiPqCDQeZU21bAtdRQNpswc+u+WkDetsS+W0b1Mlg==
=UChZ
-----END PGP SIGNATURE-----
This advisory contains information released by the original author. Some of the information may have changed since it was released. If the issue affects you, it may be prudent to retrieve the advisory from the site of the original source to ensure that you receive the most current information concerning that problem. Reference to any specific commercial product, process, or service by trade name, trademark manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by CPNI.
The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes. CPNI shall not accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this advisory.
CSIRTUK is a member of the Forum of Incident Response and Security Teams (FIRST) and has contacts with other international Incident Response Teams (IRTs) in order to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing amongst its members and the community at large.