A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition.
A buffer overflow vulnerability has been reported in Orinoco-based Airport drivers. An attacker within radio range may be able to trigger the overflow by sending a specially-crafted 802.11 management frame to a vulnerable system. Since 802.11b and 802.11g management frames are not encrypted, using wireless encryption (WEP/WPA) does not mitigate this vulnerability.
A remote, unauthenticated attacker may be able to execute arbitrary code with system privileges.
Disable wireless adapters
Apple Computer, Inc.
Thanks to HD Moore for providing information about this vulnerability.
|Date First Published:||2006-11-30|
|Date Last Updated:||2006-11-30 15:07 UTC|