Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apple Airport Administrative Port Credential Encryption Weakness



The remote host passes information across the network in an insecure manner.


The remote host is an Apple Airport Wireless Access Point, which can be administrated on top of port 5009. There is a flaw in the administration protocol of this device which makes its password to be transmitted in cleartext over the network. An attacker could sniff this information, recover the password, and use it to gain administrative privileges on this host.


Block incoming traffic to this port, and only administer this device via a cross-over cable.