1. CVE-Search
  2. CVE-2007-1338
ID CVE-2007-1338
Summary The default configuration of the AirPort utility in Apple AirPort Extreme creates an IPv6 tunnel but does not enable the "Block incoming IPv6 connections" setting, which might allow remote attackers to bypass intended access restrictions by establishing IPv6 sessions that would have been rejected over IPv4.
References
Vulnerable Configurations
  • cpe:2.3:h:apple:airport_extreme:7.1:*:*:*:*:*:*:*
    cpe:2.3:h:apple:airport_extreme:7.1:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 29-07-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
apple APPLE-SA-2007-04-09
confirm http://docs.info.apple.com/article.html?artnum=305366
misc http://arstechnica.com/journals/apple.ars/2007/2/14/7063
osvdb 34843
sectrack 1017889
secunia 24830
vupen ADV-2007-1308
xf airportextreme-ipv6-security-bypass(33526)
Last major update 29-07-2017 - 01:30
Published 08-03-2007 - 22:19
Last modified 29-07-2017 - 01:30
Back to Top