You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa AirPort Base Station

Sigurnosni nedostaci programskog paketa AirPort Base Station

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: M
  • Kategorije: APL

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

APPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9

AirPort Base Station Firmware Update 7.7.9 is now available and
addresses the following:

AirPort Base Station Firmware
Available for: AirPort Extreme and AirPort Time Capsule base stations
with 802.11ac
Impact: An attacker within range may be able to execute arbitrary
code on the Wi-Fi chip
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-9417: Nitay Artenstein of Exodus Intelligence

AirPort Base Station Firmware
Available for: AirPort Extreme and AirPort Time Capsule base stations
with 802.11ac
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
unicast/PTK clients (Key Reinstallation Attacks – KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven

AirPort Base Station Firmware
Available for: AirPort Extreme and AirPort Time Capsule base stations
with 802.11ac
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
multicast/GTK clients (Key Reinstallation Attacks – KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven

Installation note:

Firmware version 7.7.9 is installed on AirPort Extreme or
AirPort Time Capsule base stations with 802.11ac using
AirPort Utility for Mac or iOS.

AirPort Utility for Mac is a free download from
https://support.apple.com/downloads/ and AirPort Utility for iOS
is a free download from the App Store.
—–BEGIN PGP SIGNATURE—–

iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlowGCIpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEaeLxAA
kulHMKbWoRlguzlQWGhdS4hXLD02MvBz0Sc8NGCyp66N+THvc+uBnbfo283E+z01
eL7gqpMGgJ5cs7EVCCGtHMreg330d+9IiiSgbB2GZxddyc8pKymhYPstKtJazTWa
4NvnBCW2pzcmDieAyuhKRVxvqKRbTHsc0qfPPyKIB8KIh4L6KlcOWrdxbLK02qxi
5I7jEh5U41v3Z1ZXdmypqwM7M/Pur6IMmR4fHeA4fxH0BVq6uyiG88mOkfk3QHSJ
hHafQSQraPrmDbFvDB4hUZs/0rXPWcQ0FoQupMhcE2tgzc4/AL1BPYrkymEp9Y5J
bpKfOFCrRKSoqNs7vyq7BmWohwkXao427USAMNTwNsC8eANtVtYSVgINaw+vzt6d
xvNN6uul88v36Ta5EKHgAcV8uhcv83VH7NLzHJzdsHAychN+FsOVlXSgUNFM6S4a
n6/7HgZIGFPhSnkyywryax+9YrEkSaa9z1lFnhpMjwNLt1VGU6bUvpfLlNQS39L0
6YkY/qqlGdrI3OYBUae01oopK35rJi9S+kpTy/09eIb99s72aJHwrXr93UYJJlxg
pYFtiucmkQJCOa048OsK3MFBr65F5scDMdTQlePThnjc5XFVP5/H1zWEHtOvVMO2
6iDe0wzR8ykyW2/o4Jv0w4cgLCiEyjsjWh95F1uyDLo=
=ri7s
—–END PGP SIGNATURE—–

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

APPLE-SA-2017-12-12-1 AirPort Base Station Firmware Update 7.6.9

AirPort Base Station Firmware Update 7.6.9 is now available and
addresses the following:

AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and
AirPort Time Capsule base stations with 802.11n
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
unicast/PTK clients (Key Reinstallation Attacks – KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven

AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and
AirPort Time Capsule base stations with 802.11n
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
multicast/GTK clients (Key Reinstallation Attacks – KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven

Installation note:

Firmware version 7.6.9 is installed on AirPort Express, AirPort
Extreme, or AirPort Time Capsule base stations with 802.11n using
AirPort Utility for Mac or iOS.

AirPort Utility for Mac is a free download from
https://support.apple.com/downloads/ and AirPort Utility for iOS
is a free download from the App Store.
—–BEGIN PGP SIGNATURE—–

iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlowGBMpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEat/hAA
oSRiOLRhqL1ou4QBFooxDYnYpgEQHCWwyMFcRwSATzVEyGFNS95AWG1kzVM7g/FE
7O81zzw33Zlk7YhjeGwlpPQ0QG6x1FD/kVi4kFPEakJE0u514zn+LvD+1ZZ/1oan
jpsw1APUSOqKiTFpFLM2A+te5pt0j6VrObYykWZpyxoMqqBTxRBhA/44NZMmZKtP
FEKLi9wfV7VuiyJbvjKomvAmJXAWY/lOWF0r/+7EWni0c6s3P8IpgliSYaCzlHSD
5T4Rr1xFEEMAU8LcMI5MYh5MUGkXoMgNCdGpHcKGAH6IeFLHLcNQgzHvQHI4M4zE
aqKxh0QuriXCCT45eTtAJfpNzKd/Ei2Df9BlmgDZX1U4pt4FgKTar0DhtQtw8rwA
0A6LHAiKWRxS9OJjQQeBKcNM6ZXkCIDESku8gEXdxaM2H82zQ4EJVYZ9C1e0EOGp
fF2jPTfaVMutQuoEpGn65hlQxi/szh/ezwGNKUTRAicTInaBPGFGRAr0+xiXVdi7
0Bb/i+hTIC2FKPaOWfLBIBbedu3M9oIi0061q3YukZPlESiZGUWyGDmyoX/3ZIht
anDY6u6IDzmqu5Sw/llZAsFkFsFwNJMioVOgNceXeetSAiXCHqsWBQFnw3Q4tJgS
9kPiorTFjAJYFQwPdPhFGaxwT+bDqgKi9g82QrGniVc=
=QykH
—–END PGP SIGNATURE—–

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)

AutorPetar Bertok
Cert idNCERT-REF-2017-12-0112-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Ranjivost u Cisco proizvodima

Otkrivena je ranjivost TLS (Transport Layer Security) stoga u više različitih Cisco proizvoda. Ranjivost može biti iskorištena za izvođenje Bleichenbacherovog...

Close