Apple Airport Administrative Port Credential Encryption Weakness

High Nessus Network Monitor Plugin ID 1886

Synopsis

The remote host passes information across the network in an insecure manner.

Description

The remote host is an Apple Airport Wireless Access Point, which can be administrated on top of port 5009. There is a flaw in the administration protocol of this device which makes its password to be transmitted in cleartext over the network. An attacker could sniff this information, recover the password, and use it to gain administrative privileges on this host.

Solution

Block incoming traffic to this port, and only administer this device via a cross-over cable.

Plugin Details

Severity: High

ID: 1886

File Name: 1886.prm

Family: Data Leakage

Published: 2004/08/20

Modified: 2016/02/05

Nessus ID: 11620

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.6

Temporal Score: 7.2

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:W/RC:ND

CVSSv3

Base Score: 8.1

Temporal Score: 7.9

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:H/RL:W/RC:X

Reference Information

CVE: CVE-2003-0270

BID: 7554

OSVDB: 12073