
Apple Airport Administrative Port Credential Encryption Weakness

High

Synopsis

The remote host passes information across the network in an insecure manner.

Description

The remote host is an Apple Airport Wireless Access Point, which can be administered over port 5009. A flaw in the administration protocol of this device causes its password to be transmitted in cleartext over the network. An attacker could sniff this traffic, recover the password, and use it to gain administrative privileges on this host.

Solution

Block incoming traffic to this port, and only administer this device via a cross-over cable.