Apple closes holes in new AirPort Extreme Base Stations
Apple has provided a firmware update to fix two vulnerabilities in their AirPort Extreme WLAN base stations with 802.11n support, which may expose networks to unauthorised access by remote attackers and may also disclose file names. According to Apple, the new Firmware Version 7.1 remedies a vulnerability in the default configuration, which allows packets with the new Internet protocol IPv6 to pass the base station without being filtered.
Older firmware versions also allow attackers to read file names from a password-protected AirPort drive even without access to the password. Owners of an 802.11n-enabled AirPort Extreme Base Station are advised to use the AirPort Utility to install the update as soon as possible.
See also:
- About the security content of Firmware Update 7.1 for AirPort Extreme Base Station with 802.11n, by Apple
(mba)