Apple's AirPort Base Station authentication credentials disclosure

airport-auth-credentials-disclosure (11980) Risk level: Medium

Description:

Apple's AirPort Base Station transmits authentication credentials without effective encryption. If a device is administered over the Ethernet interface or over a non-WEP (Wired Equivalent Privacy) wireless connection, a remote attacker could use a sniffing tool while the password is being transmitted to obtain it and gain unauthorized administrative access to the device. If WEP is enabled, an attacker would need to be WEP authenticated in order to exploit this vulnerability.
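The weakness behind this entry, as the CVE-2003-0270 reference puts it, is that the credential is "protected" by XOR with a fixed key. The following is an added illustration (not code from the X-Force entry, from Apple, or from the @stake advisory) of why a fixed repeating XOR key is obfuscation rather than encryption: the same input always produces the same output, and a single observed pair of a known password and its obfuscated form reveals the key for every later credential. The key and the sample passwords are constructed for the example; the device's real key is not on the page and is not used here.

```python
from itertools import cycle

# Constructed stand-in for a device's fixed key; the real AirPort value is not on
# the page and is not reproduced here.
HYPOTHETICAL_FIXED_KEY = bytes.fromhex("5a3c9e17")


def xor_obfuscate(data: bytes, key: bytes) -> bytes:
    """Repeating fixed-key XOR, the scheme the CVE text describes.
    XOR is its own inverse, so this one function both 'encrypts' and 'decrypts'."""
    if not key:
        raise ValueError("key must be non-empty")
    return bytes(b ^ k for b, k in zip(data, cycle(key)))


def recover_key(known_plaintext: bytes, ciphertext: bytes, key_len: int) -> bytes:
    """Known-plaintext property: plaintext XOR ciphertext is the keystream, and with a
    fixed repeating key the first key_len bytes of the keystream are the whole key."""
    if len(known_plaintext) < key_len or len(ciphertext) < key_len:
        raise ValueError("need at least key_len bytes of known plaintext")
    keystream = bytes(p ^ c for p, c in zip(known_plaintext, ciphertext))
    return keystream[:key_len]


def decode_other_credential(ciphertext: bytes, recovered_key: bytes) -> bytes:
    """Any later capture decodes with the same key: the scheme gives no confidentiality,
    which is why administration traffic on an untrusted path must be treated as plaintext."""
    return xor_obfuscate(ciphertext, recovered_key)


def demo() -> dict:
    # Constructed scenario: an observer sees the obfuscated form of a password whose
    # value is already known to them (e.g. a guessable default), then a second,
    # unknown password sent later under the same fixed key.
    known_pw = b"public"          # constructed sample value
    secret_pw = b"s3cr3t-admin"   # constructed sample value
    known_ct = xor_obfuscate(known_pw, HYPOTHETICAL_FIXED_KEY)
    secret_ct = xor_obfuscate(secret_pw, HYPOTHETICAL_FIXED_KEY)

    key = recover_key(known_pw, known_ct, len(HYPOTHETICAL_FIXED_KEY))
    return {
        "key_recovered": key == HYPOTHETICAL_FIXED_KEY,
        "secret_decoded": decode_other_credential(secret_ct, key),
        # Deterministic output: the same password always yields the same bytes on the
        # wire, so even without the key an observer can recognise repeated credentials.
        "deterministic": xor_obfuscate(known_pw, HYPOTHETICAL_FIXED_KEY) == known_ct,
    }


if __name__ == "__main__":
    print(demo())
```

The point for a defender is that the entry's risk does not depend on any sophistication in the sniffing step: with a fixed key there is no secret on the device side to protect, so the confidentiality of the administrative password is exactly the confidentiality of the path it travels over (a WEP-authenticated wireless link or a wired segment the attacker cannot reach), which is why the description distinguishes the Ethernet and non-WEP cases.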

Platforms Affected:

  • Apple, AirPort Base Station

Remedy:

No remedy available as of November 29, 2008.

Consequences:

Bypass Security

References:

  • @stake, Inc. Security Advisory A051203-1, Apple AirPort Administrative Password Obfuscation at http://www.webproxy.com/research/advisories/2003/a051203-1.txt.
  • BID-7554: Apple AirPort Administrative Password Encryption Weakness
  • CVE-2003-0270: The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encryption (XOR with a fixed key) for protecting authentication credentials, which could allow remote attackers to obtain administrative access via sniffing when the capability is available via Ethernet or non-WEP connections.
  • SA8773: Apple AirPort Base Station Weak Password Encryption
  • SECTRACK ID: 1006742: Apple AirPort Wireless Base Station Discloses Administrator Password to Remote Users

Reported:

May 12, 2003

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net
