| VID |
29060 |
| Severity |
40 |
| Port |
21 |
| Protocol |
TCP |
| Class |
WAP |
| Detailed Description |
The AirPort Wireless Access Point reveals authentication credentials via its administrative port. Apple's AirPort device is a wireless access point, providing 802.11 services to network clients. This device is managed through a proprietary administrative protocol over a TCP port (5009/tcp). The administration capability uses weak encryption (XOR with a fixed key) to protect authentication credentials. If an AirPort is administered over the Ethernet interface or via an insecure (non-WEP) wireless connection, an attacker who can sniff the network can obtain administrative access to the AirPort.
* References: http://www.atstake.com/research/advisories/2003/a051203-1.txt http://www.securiteam.com/securitynews/5NP0H2AA0I.html
* Platforms Affected: Apple AirPort Wireless Access Point |
| Recommendation |
No patches or upgrades available as of June 2014.
Workarounds:
Administer the AirPort Base Station either via a wired connection or via a WEP-protected wireless connection.
The only way to securely administer the AirPort Base Station is by connecting to it via a cross-over Ethernet cable. In environments where this is not practical, it is advised that the AirPort Base Station be managed through the Ethernet network, and not the wireless network. |
| Related URL |
CVE-2003-0270 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|