ID CVE-2003-0270
Summary The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encryption (XOR with a fixed key) for protecting authentication credentials, which could allow remote attackers to obtain administrative access via sniffing when the capability is available via Ethernet or non-WEP connections.
References
Vulnerable Configurations
  • Apple AirPort Base Station 802.11
    cpe:2.3:h:apple:802.11n:7.3.1
CVSS
Base: 7.6 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
metasploit via4
description This module attempts to authenticate to an Apple Airport using its proprietary and largely undocumented protocol known only as ACPP.
id MSF:AUXILIARY/SCANNER/ACPP/LOGIN
last seen 2019-03-29
modified 2017-07-24
published 2015-01-05
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/acpp/login.rb
title Apple Airport ACPP Authentication Scanner
nessus via4
NASL family Misc.
NASL id AIRPORT_PLAINTEXT_CREDENTIALS.NASL
description The remote host is an Apple Airport Wireless Access Point which can be administrated on top of TCP port 5009. There is a design flaw in the administrative protocol which makes the clients which connect to this port send the password in cleartext (although slightly obsfuscated). An attacker who has the ability to sniff the data going to this device may use this flaw to gain its administrative password and gain its control. Since the airport base station does not keep any log, it will be difficult to determine that administrative access has been stolen.
last seen 2019-02-21
modified 2018-06-27
plugin id 11620
published 2003-05-12
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=11620
title Apple AirPort Base Station Authentication Credential Encryption Weakness
refmap via4
atstake A051203-1
bid 7554
sectrack 1006742
secunia 8773
xf airport-auth-credentials-disclosure(11980)
Last major update 05-09-2008 - 16:33
Published 16-06-2003 - 00:00
Last modified 10-07-2017 - 21:29
Back to Top