AirPort Update 2006-001 / Security Update 2006-005

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

Arbitrary code can be executed on the remote host through the AirPort
Wireless card.

Description :

The remote host is missing a security update regarding the drivers of
the AirPort wireless card.

An attacker in the proximity of the target host may exploit this flaw
by sending malformed 802.11 frames to the remote host and cause a
stack overflow resulting in a crash of arbitrary code execution.

Solution :

Apple has released a patch for this issue :

http://docs.info.apple.com/article.html?artnum=304420

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.6
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 22418 (macosx_Airport_2006-001.nasl)

Bugtraq ID: 20144

CVE ID: CVE-2006-3507
CVE-2006-3508
CVE-2006-3509

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial